What is CVE-2025-4547?

CVE-2025-4547 is a low-severity vulnerability in Sourcecodester Web-based Pharmacy Product Management System, classified under Cross-site Scripting. CVSS score: 2.4/10. Published 2025-05-11.

How severe is CVE-2025-4547?

Low severity. CVSS v3 base score is 2.4 out of 10.

RCE in Sourcecodester Web-based Pharmacy Product Management System

CVE-2025-4547

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add User Page. The manipulation leads to…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.002 (41.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.4 (Low). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N.

Affected products

Sourcecodester Web-based Pharmacy Product Management System — versions 1.0

Weakness classification (CWE)

References

VDB-308294 | SourceCodester Web-based Pharmacy Product Management System Add User Page cross site scripting (vdb-entry)
VDB-308294 | CTI Indicators (IOB, IOC, TTP) (signature, permissions-required)
Submit #567497 | SourceCodester Web-based Pharmacy Product Management System 1.0 Cross Site Scripting (third-party-advisory)
github.com/csehacademy/CVEs/blob/main/Web-based Pharmacy Product Management Sys… (exploit)
www.sourcecodester.com/ (product)

Frequently asked questions

What is CVE-2025-4547?: CVE-2025-4547 is a low-severity vulnerability in Sourcecodester Web-based Pharmacy Product Management System, classified under Cross-site Scripting. CVSS score: 2.4/10. Published 2025-05-11.
How severe is CVE-2025-4547?: Low severity. CVSS v3 base score is 2.4 out of 10.