CVE 8.5 HIGH

CVE-2025-63528_CVE-2025-63528

December 1, 2025 invoker category_cve

8.5 / 10

HIGH

CVSS:3.1/AC:L/AV:N/A:N/C:H/I:L/PR:L/S:C/UI:N

Description

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the blooddinfo.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the error parameter, which is then executed in the victim's browser when the page is viewed.

AI Analysis

Cross-site scripting (XSS) vulnerability in blooddinfo.php component due to insufficient input sanitization

Basic Information

ID CVE-2025-63528

Source mitre

Published Dec 1, 2025 at 00:00

Modified Dec 1, 2025 at 19:36

Affected Product

Vendor Shridharshukl

Product Blood Bank Management System

Version 1.0

Affected Versions n/a n/a n/a

CWE Classification

CWE-79

AI Assessment

AI Score 8.5 / 10

AI Severity High

Vendor Shridharshukl

Product Blood Bank Management System

Version 1.0

References

{
    "lastseen": "",
    "description": "A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the blooddinfo.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the error parameter, which is then executed in the victim's browser when the page is viewed.",
    "published": "2025-12-01T00:00:00.000Z",
    "modified": "2025-12-01T19:36:49.757Z",
    "type": "cve",
    "title": "CVE-2025-63528",
    "source": "mitre",
    "references": "https://github.com/Shridharshukl/Blood-Bank-Management-System\nhttps://drive.google.com/file/d/12yeOXW_sN69QjsQtW0_k9AGqozi1s0di/view?usp=sharing\nhttps://github.com/kiwi865/CVEs/blob/main/CVE-2025-63528.md",
    "id": "CVE-2025-63528",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:L/PR:L/S:C/UI:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Blood Bank Management System",
    "version": "1.0",
    "vendor": "Shridharshukl",
    "ai_description": "Cross-site scripting (XSS) vulnerability in blooddinfo.php component due to insufficient input sanitization",
    "ai_severity": "High",
    "ai_vendor": "Shridharshukl",
    "ai_product": "Blood Bank Management System",
    "ai_version": "1.0",
    "ai_score": 8.5
}

💭 Join the Security Discussion ❌ Cancel Reply