CVE-2025-23469

Name of the Vulnerable Software and Affected Versions Sleekplan versions through 0.2.0

Description A Reflected Cross-site Scripting (XSS) issue exists in Sleekplan due to improper neutralization of input during web page generation. This allows an attacker to inject malicious scripts into web pages viewed by other users. The input provided is not properly sanitized, leading to the execution of arbitrary code within the context of the user's browser. The vulnerable component is related to web page generation.

Recommendations Update Sleekplan to a version later than 0.2.0.