CVE-2026-30162

Name of the Vulnerable Software and Affected Versions Timo version 2.0.3

Description A Cross Site Scripting (XSS) issue exists in Timo version 2.0.3. The issue is triggered by manipulated links within the title field. Exploitation involves crafting malicious links that, when clicked, can execute arbitrary scripts in the context of the affected application. The vulnerable parameter is the title field.

Recommendations Update to a newer version of Timo that addresses this issue. As a temporary workaround, sanitize all input received for the title field to remove or encode potentially malicious characters.