CVE-2025-56605 | THREATINT

Description

A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echoed back in the HTTP response without sanitization, allowing an attacker to inject and execute arbitrary JavaScript code in the victim's browser.

PUBLISHED Reserved 2025-08-17 | Published 2026-02-26 | Updated 2026-02-26 | Assigner mitre

References

github.com/Userr404/CVE-2025-56605

cve.org (CVE-2025-56605)

nvd.nist.gov (CVE-2025-56605)

Download JSON