Unrated severityNVD Advisory· Published Jan 23, 2026· Updated Jan 26, 2026

CVE-2025-70458

Description

A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.

Affected products

Sourcecodester/Domain Availability Checkerdescription
Sourcecodester/Domain Availability Checkerllm-create
Range: = v1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/ismaildawoodjee/vulnerability-research/security/advisories/GHSA-chm7-vgf7-6f9pmitre
www.sourcecodester.com/php/18500/domain-availability-checker-using-php-and-javascript-source-code.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000