Medium severity6.1NVD Advisory· Published Jul 29, 2025· Updated Jun 17, 2026
CVE-2025-40683
CVE-2025-40683
Description
Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searccity' parameter in /city.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.0
- Human Resource Management System/Human Resource Management Systemv5Range: 1.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.