CVE-2025-7141

low

Description

A vulnerability classified as problematic was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /panel/edit_plan.php of the component Update Staff Page. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

References

https://vuldb.com/?submit.605988

https://vuldb.com/?id.315055

https://github.com/Colorado-all/cve/blob/main/Best%20salon%20management%20system/xss-3.md

https://www.sourcecodester.com/

https://vuldb.com/?ctiid.315055

Details

Source: Mitre, NVD

Published: 2025-07-07

Updated: 2025-07-09

Risk Information

CVSS v2

Base Score: 3.3

Vector: CVSS2#AV:N/AC:L/Au:M/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

CVSS v4

Base Score: 1.9

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Severity: Low

EPSS

EPSS: 0.0003