CVE-2025-11433 | itsourcecode Leave Management System 1.0 Query Parameter controller.php?action=reset redirect ID cross site scripting

A vulnerability was found in itsourcecode Leave Management System 1.0. It has been rated as problematic. This impacts the function redirect of the file /module/employee/controller.php?action=reset of the component Query Parameter Handler. Performing manipulation of the argument ID results in cross site scripting.

This vulnerability is cataloged as CVE-2025-11433. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More