10 matches found
CVE-2025-65368
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...
CVE-2025-65368
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...
CVE-2025-65368
Summary: CVE-2025-65368 affects SparkyFitness v0.15.8.2 and enables Cross Site Scripting (XSS) through user input and LLM output. The vulnerability stems from improper handling of input/output, enabling injection of malicious scripts viewed by other users. The CVSSv3.1 base score is 6.1 (Medium) ...
SparkyFitness security vulnerability
SparkyFitness is a fitness and health management platform developed by CodeWithCJ. Version SparkyFitness v0.15.8.2 contains a security vulnerability, which stems from improper handling of user input and LLM outputs, potentially leading to cross-site scripting attacks...
CVE-2025-65368
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...
CVE-2025-65368
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...
CVE-2025-65368
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...
EUVD-2026-2708
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...
CVE-2025-65368
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...
PT-2026-3106
Name of the Vulnerable Software and Affected Versions SparkyFitness version 0.15.8.2 Description SparkyFitness is susceptible to Cross-Site Scripting XSS attacks. The issue stems from improper handling of user input and output from Large Language Models LLMs. This allows for the injection of...