PT-2025-48370 · Xmall · Xmall

Ylchen-007 · Published 2025-11-29 · Updated 2025-11-29 · CVE-2025-65540

CVSS v3.1

6.1 Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions

xmall version 1.1

Description

Multiple Cross-Site Scripting (XSS) issues are present due to improper handling of user-supplied data. User input fields, including username and description, are directly rendered into HTML without appropriate sanitization or encoding. This allows attackers to inject and execute malicious scripts.

Recommendations

Update to a newer version that contains a fix for this vulnerability.
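The rendering pattern named in the Description, next to an output-encoded version and a regression check, as an added example that is not xmall's code. The function names, the record shape and the sample values are assumptions constructed for illustration.

```javascript
// Added example: hypothetical names and constructed data, not taken from xmall.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };

// Encode a value for use in an HTML text node or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Pattern the advisory describes: fields concatenated into markup as-is.
function renderProfileUnsafe(user) {
  return `<div class="profile" title="${user.username}">` +
         `<h2>${user.username}</h2><p>${user.description}</p></div>`;
}

// Hardened form: every user-controlled field is encoded at the point of output.
function renderProfileSafe(user) {
  const name = escapeHtml(user.username);
  const desc = escapeHtml(user.description);
  return `<div class="profile" title="${name}"><h2>${name}</h2><p>${desc}</p></div>`;
}

// Regression check: true if a field containing markup-significant
// characters appears byte-for-byte in the rendered output.
function leaksRawMarkup(render, user) {
  const html = render(user);
  return Object.values(user).some((v) => /[<>"'&]/.test(v) && html.includes(v));
}

// Constructed record with markup-significant characters in both fields.
const sample = {
  username: 'alice"><b>x</b>',
  description: '<i>5 < 6 & "quoted"</i>',
};

console.log('unsafe renderer leaks raw input:', leaksRawMarkup(renderProfileUnsafe, sample));
console.log('safe renderer leaks raw input:  ', leaksRawMarkup(renderProfileSafe, sample));
console.log(renderProfileSafe(sample));
```

The same check can run in a test suite against any template that prints username or description, so a missed encoding step fails the build before it reaches a page.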

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-65540

Affected Products

Xmall