CVE-2025-65540

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions xmall version 1.1

Description Multiple Cross-Site Scripting (XSS) issues are present due to improper handling of user-supplied data. User input fields, including

username

and

description

, are directly rendered into HTML without appropriate sanitization or encoding. This allows attackers to inject and execute malicious scripts.

Recommendations Update to a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

Related Identifiers

CVE-2025-65540

Xmall