- Description
- A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and error parameters, which are then executed in the victim's browser when the page is viewed.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- Products
- blood_bank_management_system
CVSS 3.1
- Type
- Primary
- Base score
- 5.4
- Impact score
- 2.7
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-79
- Hype score
- Not currently trending
[CVE-2025-63534: HIGH] Critical XSS vulnerability found in Blood Bank Management System 1.0 login.php. Unsanitized user input allows execution of malicious scripts when viewed, posing a serious cyber threat.#cve,CVE-2025-63534,#cybersecurity https://t.co/3W9irWuz4z https://t.co/x
@CveFindCom
1 Dec 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-63534 A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize o… https://t.co/0IlcwEP7GY
@CVEnew
1 Dec 2025
105 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:shridharshukl:blood_bank_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B391DFD-8072-4642-9A31-9E4DE8648367",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]