CVE-2025-1597

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Feb 23, 2025

Updated: Feb 28, 2025

CWE ID 94

CWE ID 79

Summary

CVE-2025-1597: A critical vulnerability was identified in the SourceCodester Best Church Management Software version 1.0. This issue, which is classified as problematic, affects an unknown function in the /admin/redirect.php file. Attackers can exploit this cross-site scripting (XSS) vulnerability by manipulating the argument 'a', allowing them to inject malicious code. The exploit can be launched remotely, and the vulnerability has been publicly disclosed, increasing the risk of attacks. Despite early notification, the vendor has not responded to address the issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3oHtDo
https://www.cve.org/CVERecord?id=CVE-2025-1597
https://nvd.nist.gov/vuln/detail/CVE-2025-1597

Back to Vulnerability Database

CVE-2025-1597

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations