Medium severity5.4NVD Advisory· Published Feb 26, 2026· Updated Apr 15, 2026
CVE-2025-56605
CVE-2025-56605
Description
A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echoed back in the HTTP response without sanitization, allowing an attacker to inject and execute arbitrary JavaScript code in the victim's browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 1.0
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.