CVE-2025-23719

Name of the Vulnerable Software and Affected Versions ZhinaTwitterWidget versions through 1.0

Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-site Scripting (XSS) issue. This allows for the injection of malicious scripts through web pages. The vulnerable component is susceptible to attacks where an attacker can inject arbitrary web scripts. The affected API endpoint is not specified. The vulnerable parameter is not specified.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.