CVE-2025-60302

📊 6.1 MEDIUM⚡ 0.0%🎯 0 exploits

📅 Published Oct 9, 2025

📋 Status: Analyzed

code-projects Client Details System 1.0 is vulnerable to Cross Site Scripting (XSS). When adding customer information, the client details system fills in malicious JavaScript code in the username field.

CVSS v3.1 • 134c704f-9b21-4f2e-91b3-4a467353bcc0

🎯 Affected Products & Systems

1 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	fabian	client details system	1.0	Vulnerable	cpe:2.3:a:fabian:client_details_system:1.0:::::::*

📱

fabian / client details system

Application

Vulnerable

Version: 1.0

CPE:

cpe:2.3:a:fabian:client_details_system:1.0:*:*:*:*:*:*:*

Metrics

6.1 MEDIUMCVSS v3.1134c704f-9b21-4f2e-91b3-4a467353bcc0

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector:

NETWORK

Complexity:

LOW

Privileges:

NONE

User Interaction:

REQUIRED

Confidentiality:

LOW

Integrity:

LOW

Availability:

NONE

Scope:

CHANGED

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

6.1 (MEDIUM)v3.1

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

EPSS Details

0.0% (Minimal)7.4th percentile

Last updated: Oct 31, 2025

Exploitation probability within 30 days

Published Date

Oct 9, 2025 (24 days ago)

Last Modified

Oct 29, 2025 (4 days ago)

Security Weaknesses1

CWE-79

References2

NVDgeneral