CVE-2025-4547 MEDIUM

CVE-2025-4547: SourceCodester Web-based Pharmacy Product Management System Add User Page cross site scripting

Vendor Sourcecodester
Product Web-based Pharmacy Product Management System
Weakness CWE-79 · XSS
Published May 11, 2025
Last update May 12, 2025
View on NVD All CVEs

CVSS base score

4.8/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add User Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected.

Key dates

02Disclosure timeline

May 11, 2025 CVE published
May 12, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-13499 yashpokharna2555 restaurent-management-system Registration login_register.php cross site scripting CVE-2025-25133 WordPress WP Frontend Submit Plugin <= 1.1.0 - Reflected Cross-Site Scripting vulnerability CVE-2025-49962 WordPress bbPress Notify plugin <= 2.19.5 - Cross Site Scripting (XSS) vulnerability CVE-2024-6361 Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane product. CVE-2024-52835 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)