Description

Sourcecodester Medicine Reminder App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Medicine Name" and "Notes (Optional)" fields when creating an "Upcoming Reminder", allowing an attacker to inject arbitrary potentially malicious HTML/JavaScript code that executes in the victim's browser upon clicking the "Save Reminder" button.

INFO

Published Date :

2025-11-07T00:00:00.000Z

Last Modified :

2025-11-07T20:04:03.155Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-63640 vulnerability.

Vendors Products
Sourcecodester
  • Medicine Reminder App
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-63640.

URL Resource
https://github.com/ChuckBartowski7/Vulnerability-Research/blob/main/CVE-2025-63640/README.md cve-icon cve-icon
https://www.sourcecodester.com/javascript/18402/medicine-reminder-app-using-html-css-and-javascript-source-code.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System