CVE-2025-41081

Name of the Vulnerable Software and Affected Versions IsMyGym versions (affected versions not specified)

Description A Reflected Cross-Site Scripting (XSS) issue exists in IsMyGym by Zuinq Studio. This allows an attacker to execute JavaScript code in a user's browser by sending a malicious URL containing '/.php/'. Successful exploitation could lead to the theft of sensitive user data, such as session cookies, or actions performed on behalf of the user.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.