VYPR
can lead to cross site scripting. The att","datePublished":"2025-09-09T02:15:37.85Z","dateModified":"2026-04-29T01:00:01.613Z","publisher":{"@type":"Organization","@id":"https://portal.vyprsec.ai#publisher","name":"VYPR","url":"https://portal.vyprsec.ai","logo":{"@type":"ImageObject","url":"https://portal.vyprsec.ai/icon.svg","width":64,"height":64},"description":"Real-time CVE intelligence newsroom — feeds, exploits, vendor advisories, and AI-synthesized insights."},"author":{"@type":"Organization","@id":"https://portal.vyprsec.ai#publisher","name":"VYPR","url":"https://portal.vyprsec.ai","logo":{"@type":"ImageObject","url":"https://portal.vyprsec.ai/icon.svg","width":64,"height":64},"description":"Real-time CVE intelligence newsroom — feeds, exploits, vendor advisories, and AI-synthesized insights."},"proficiencyLevel":"Expert","about":{"@type":"Thing","@id":"https://nvd.nist.gov/vuln/detail/CVE-2025-10117","name":"CVE-2025-10117","identifier":"CVE-2025-10117","description":"A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an unknown function of the file /fetch_tasks.php of the component Add New Task. Executing manipulation with the input can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited.","additionalType":"https://schema.org/SoftwareApplication","sameAs":["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10117"]},"keywords":"CVE-2025-10117, Low, CWE-79, CWE-94, Chuck24 Simple To Do List System, Chuck24 Simple To Do List System","mentions":[{"@type":"SoftwareApplication","name":"Simple To Do List System","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Chuck24"}},{"@type":"SoftwareApplication","name":"Simple To Do List System","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Chuck24"}}],"isAccessibleForFree":true},{"@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://portal.vyprsec.ai/"},{"@type":"ListItem","position":2,"name":"CVEs","item":"https://portal.vyprsec.ai/cves"},{"@type":"ListItem","position":3,"name":"CVE-2025-10117","item":"https://portal.vyprsec.ai/cves/CVE-2025-10117"}]}]}
Low severity3.5NVD Advisory· Published Sep 9, 2025· Updated Apr 29, 2026

CVE-2025-10117

CVE-2025-10117

Description

A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an unknown function of the file /fetch_tasks.php of the component Add New Task. Executing manipulation with the input can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:chuck24:simple_to-do_list_system:1.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:chuck24:simple_to-do_list_system:1.0:*:*:*:*:*:*:*
    • (no CPE)range: = 1.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.