CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-0530: code-projects Job Recruitment _feedback_system.php cross site scripting

5.3 CVSS

Description

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects unknown code of the file /_parse/_feedback_system.php. The manipulation of the argument type leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. In code-projects Job Recruitment 1.0 wurde eine problematische Schwachstelle gefunden. Hierbei betrifft es unbekannten Programmcode der Datei /_parse/_feedback_system.php. Dank Manipulation des Arguments type mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.

Classification

CVE ID: CVE-2025-0530

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.3

Affected Products

Vendor: code-projects

Product: Job Recruitment

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.07% (probability of being exploited)

EPSS Percentile: 32.71% (scored less or equal to compared to others)

EPSS Date: 2025-02-15 (when was this score calculated)

References

https://vuldb.com/?id.292414
https://vuldb.com/?ctiid.292414
https://vuldb.com/?submit.478674
https://github.com/ha0day125/cve/blob/main/xss-ha0day.md
https://code-projects.org/

Timeline

2025-01-18 00:30:39 UTC
CVE

code-projects Job Recruitment _feedback_system.php cross site scripting