VYPR
Medium severity6.1NVD Advisory· Published Oct 20, 2025· Updated Apr 15, 2026

CVE-2025-61456

CVE-2025-61456

Description

A Cross-Site Scripting (XSS) vulnerability exists in Bhabishya-123 E-commerce 1.0, specifically within the index endpoint. Unsanitized input in the /index parameter is directly reflected back into the response HTML, allowing attackers to execute arbitrary JavaScript in the browser of a user who visits a malicious link or submits a crafted request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.

CVE-2025-61456 · Medium · VYPR