CVE-2025-63644: pH7-Social-Dating-CMS affected by a stored cross-site scripting (XSS) vulnerability
(updated )
A stored cross-site scripting (XSS) vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field.
References
- drive.google.com/drive/folders/1mYDvUTnlTPCGTB-7tHD3pmu_wHtlMVRP
- github.com/advisories/GHSA-657c-wxg6-jmqv
- github.com/pH7Software/pH7-Social-Dating-CMS
- medium.com/@rudranshsinghrajpurohit/cve-2025-63644-stored-cross-site-scripting-xss-vulnerability-in-ph7-social-dating-cms-23ed0e7eb853
- nvd.nist.gov/vuln/detail/CVE-2025-63644
Code Behaviors & Features
Detect and mitigate CVE-2025-63644 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →