CVE-2025-68031

Name of the Vulnerable Software and Affected Versions faraz sms versions prior to 2.7.3

Description Improper neutralization of input during web page generation allows for Reflected Cross-site Scripting (XSS), a flaw where an application includes untrusted data in a web page without proper validation or escaping, enabling attackers to execute malicious scripts in the victim's browser.

Recommendations Update to a version newer than 2.7.3.