CVE-2025-60782 | THREATINT

Description

PHP Education Manager v1.0 is vulnerable to Cross Site Scripting (XSS) stored Cross-Site Scripting (XSS) vulnerability in the topics management module (topics.php). Attackers can inject malicious JavaScript payloads into the Titlefield during topic creation or updates.

PUBLISHED Reserved 2025-09-26 | Published 2025-10-02 | Updated 2025-10-03 | Assigner mitre

References

gold-textbook-8ff.notion.site/...80db9d38e7d0fbb408d6?pvs=73

cve.org (CVE-2025-60782)

nvd.nist.gov (CVE-2025-60782)

Download JSON