Security Advisory

CVE-2025-56605

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-26 00:00:00
Last updated 2026-02-26 17:06:15
Assigner mitre
State PUBLISHED

Description

A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echoed back in the HTTP response without sanitization, allowing an attacker to inject and execute arbitrary JavaScript code in the victims browser.