CVE-2025-68520

Name of the Vulnerable Software and Affected Versions DotLife versions prior to 4.9.5

Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-Site Scripting (XSS) issue. This allows for the execution of malicious scripts through a web page. The vulnerable component is susceptible to exploitation when processing user-supplied input without adequate sanitization. The affected API endpoint is not specified. The vulnerable parameter is not specified.

Recommendations Update DotLife to version 4.9.5 or later.