CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-29412

A cross-site scripting (XSS) vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.5%

CVSS Severity

CVSS v3 Score 4.8

References

https://github.com/MartMbithi/iBanking/issues/11
https://www.simonjuguna.com/cve-2025-29412-cross-site-scripting-xss-vulnerability-in-ibanking-v2-0-0/
https://www.simonjuguna.com/cve-2025-29412-cross-site-scripting-xss-vulnerability-in-ibanking-v2-0-0/

Products affected by CVE-2025-29412

Martmbithi » Ibanking » Version: 2.0.0

cpe:2.3:a:martmbithi:ibanking:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-29412

Products

Pricing

Contact Us