CVE-2025-41024

Summary

Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows: 

'companyaddress', 'companyemail', 'companyname', 'country', 'mobilenumber' y 'regno' parameters in '/farm/farmprofile.php'.

Affected Software

VendorProductVersion RangeStatus
Poultry Farm Management SystemPoultry Farm Management System1.0affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References