CVE-2025-70458

Published: Jan 23, 2026

Modified: Jan 26, 2026

PUBLISHED

Description

A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.sourcecodester.com/php/18500/domain-availability-checker-using-php-and-javascript-source-code.html

https://github.com/ismaildawoodjee/vulnerability-research/security/advisories/GHSA-chm7-vgf7-6f9p

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-70458

Description

Affected Products

References