Strix
26.1K

CVE-2025-57117

MEDIUMCVSS 5.4/10EPSS 0.41%

Last modified

CVE-2025-57117 is a medium-severity vulnerability rated 5.4/10 on the CVSS scale. A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department.. EPSS estimates a 0.41% chance of exploitation in the next 30 days.

Description

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department.

Metrics

CVSS 3.1
5.4/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

EPSS Probability
0.41%

32.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
RemyandradeEmployee Management System1.0

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2025-57117?
A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department.
How severe is CVE-2025-57117?
CVE-2025-57117 has a CVSS score of 5.4/10 (MEDIUM severity). The EPSS model estimates a 0.41% probability of exploitation in the next 30 days.
How do I fix CVE-2025-57117?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-57117?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST