CVE-2025-60318 — Cross-site Scripting in PET Grooming Management Software

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

6.1MEDIUMNVD

EPSS

0.0%

top 90.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mayurik PET Grooming Management Software

Timeline

PublishedOct 8

Description

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the fname (First Name) and lname (Last Name) fields.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

▶NVDmayurik/pet_grooming_management_software1.0

🔴Vulnerability Details

GHSA

GHSA-m965-73pg-36g4: SourceCodester Pet Grooming Management Software 1↗2025-10-08

▶

CVEList

CVE-2025-60318: SourceCodester Pet Grooming Management Software 1↗2025-10-08

▶