CVE-2025-29015: Code Astro Internet Banking System 2.0.0 is vulnerable to Cross Site Scripting (XSS) via the name parameter in /admin/pages_account.php.
6.1
CVSS
Description
Code Astro Internet Banking System 2.0.0 is vulnerable to Cross Site Scripting (XSS) via the name parameter in /admin/pages_account.php.
Classification
CVE ID: CVE-2025-29015
CVSS Base Severity: MEDIUM
CVSS Base Score: 6.1
Affected Products
Vendor: n/a
Product: n/a
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.03% (probability of being exploited)
EPSS Percentile: 6.05% (scored less or equal to compared to others)
EPSS Date: 2025-04-18 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-29015https://www.cvedetails.com/vulnerability-list/opxss-1/cross-site-scripting.html
https://github.com/b1tm4r/CVE-2025-29015