CVE-2025-41024 MEDIUM

CVE-2025-41024: Stored Cross-Site Scripting in Poultry Farm Management System

Vendor Poultry Farm Management System
Product Poultry Farm Management System
Weakness CWE-79 · XSS
Published January 20, 2026
Last update January 20, 2026
View on NVD All CVEs

CVSS base score

5.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

What the vulnerability does

01Description

Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows:  'companyaddress', 'companyemail', 'companyname', 'country', 'mobilenumber' y 'regno' parameters in '/farm/farmprofile.php'.

Key dates

02Disclosure timeline

January 20, 2026 CVE published
January 20, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-41539 QTS, QuTS hero CVE-2025-31730 WordPress Marketer Addons Plugin <= 1.0.1 - Stored Cross Site Scripting (XSS) vulnerability CVE-2022-2065 Cross-site Scripting (XSS) - Stored in neorazorx/facturascripts CVE-2024-8323 Pricing Tables WordPress Plugin – Easy Pricing Tables <= 3.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via fontFamily Attribute CVE-2025-62917 WordPress Tooltipy plugin <= 5.5.9 - Cross Site Scripting (XSS) vulnerability