CVE-2025-26158

CVSS 5.6 MEDIUMEPSS 0.3%CWE-79

A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management System V1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the department parameter.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/rtnthakur/CVE/blob/main/Kashipara/README.md