CVE-2025-8337

Low CVSS 2.4

Overview

A vulnerability, which was classified as problematic, has been found in code-projects Simple Car Rental System 1.0. This issue affects some unknown processing of the file /admin/add_vehicles.php. The manipulation of the argument car_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CWE: CWE-79 Published: 2025-07-30T23:15:28.833

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 2.4 (LOW)
Detected tags: xss (tag impact: MODERATE)

Recommended actions:

Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Overview

Recommended tools

Tags