exploitDog

CVE-2025-57117

Опубликовано: 15 сент. 2025

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department.

Ссылки

http://employee.com
Broken Link
https://github.com/Jazeye/CVE/blob/main/CVE-2025-57117/README.md
Exploit
Third Party Advisory
https://www.sourcecodester.com/
Product
https://github.com/Jazeye/CVE/blob/main/CVE-2025-57117/README.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:remyandrade:employee_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.00092

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-f8wp-g7q2-59gh

CVSS3: 5.4

github

5 месяцев назад

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department.

EPSS

Процентиль: 26%

0.00092

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79