A vulnerability categorized as problematic has been discovered in SourceCodester Simple To-Do List System 1.0. Impacted is an unknown function of the file /fetch_tasks.php of the component Add New Task. Executing manipulation with the input
<script>alert('XSS')</script>
can lead to cross site scripting.
This vulnerability is handled as CVE-2025-10117. The attack can be executed remotely. Additionally, an exploit exists.