CVE-2025-23551

Name of the Vulnerable Software and Affected Versions P. Razvan SexBundle versions n/a through 1.4

Description The issue is related to improper neutralization of input during web page generation, which allows for Cross-site Scripting (XSS). Specifically, it enables Reflected XSS.

Recommendations For versions n/a through 1.4, update to a version that includes a fix for this issue, as using outdated versions may expose users to XSS attacks. As a temporary workaround, consider restricting user input to minimize the risk of exploitation. Avoid using potentially vulnerable API endpoints until the issue is resolved.