OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting (XSS) via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface.
Metrics
Affected Vendors & Products
References
History
Fri, 15 Aug 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-79 | |
Metrics |
cvssV3_1
|
Fri, 15 Aug 2025 08:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ourphp
Ourphp ourphp |
|
Vendors & Products |
Ourphp
Ourphp ourphp |
Thu, 14 Aug 2025 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting (XSS) via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published: 2025-08-14T00:00:00.000Z
Updated: 2025-08-15T16:41:19.288Z
Reserved: 2025-06-16T00:00:00.000Z
Link: CVE-2025-51965

Updated: 2025-08-15T16:41:14.302Z

Status : Awaiting Analysis
Published: 2025-08-14T20:15:32.387
Modified: 2025-08-15T17:15:32.360
Link: CVE-2025-51965

No data.