Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/16 2:20 a.m.9 views

CVE-2025-65368

SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...

6.1CVSS6.2AI score0.00221EPSS
Exploits1References1
NVD
NVD
added 2026/01/15 9:16 p.m.9 views

CVE-2025-65368

SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...

6.1CVSS0.00221EPSS
Exploits1References2
CVE
CVE
added 2026/01/15 12:0 a.m.16 views

CVE-2025-65368

Summary: CVE-2025-65368 affects SparkyFitness v0.15.8.2 and enables Cross Site Scripting (XSS) through user input and LLM output. The vulnerability stems from improper handling of input/output, enabling injection of malicious scripts viewed by other users. The CVSSv3.1 base score is 6.1 (Medium) ...

6.1CVSS5.8AI score0.00221EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.7 views

SparkyFitness security vulnerability

SparkyFitness is a fitness and health management platform developed by CodeWithCJ. Version SparkyFitness v0.15.8.2 contains a security vulnerability, which stems from improper handling of user input and LLM outputs, potentially leading to cross-site scripting attacks...

6.1CVSS5.6AI score0.00221EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/01/15 12:0 a.m.3 views

CVE-2025-65368

SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...

6.1CVSS5.4AI score0.00221EPSS
Exploits1References3
OSV
OSV
added 2026/01/15 12:0 a.m.5 views

CVE-2025-65368

SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...

6.1CVSS5.4AI score0.00221EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/15 12:0 a.m.5 views

CVE-2025-65368

SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...

5.8AI score0.00221EPSS
Exploits1References2
EUVD
EUVD
added 2026/01/15 12:0 a.m.7 views

EUVD-2026-2708

SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...

6.1CVSS5.7AI score0.00221EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/15 12:0 a.m.22 views

CVE-2025-65368

SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...

0.00221EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.8 views

PT-2026-3106

Name of the Vulnerable Software and Affected Versions SparkyFitness version 0.15.8.2 Description SparkyFitness is susceptible to Cross-Site Scripting XSS attacks. The issue stems from improper handling of user input and output from Large Language Models LLMs. This allows for the injection of...

6.1CVSS6.2AI score0.00221EPSS
Exploits1References5
Rows per page
Query Builder