Cross-site Scripting Vulnerability in Think201 Data Dash by Think201
CVE-2025-23751
7.1HIGH
What is CVE-2025-23751?
An input validation flaw in Think201 Data Dash allows attackers to exploit a reflected Cross-site Scripting (XSS) vulnerability. This vulnerability enables malicious actors to inject harmful scripts into web pages generated by the application. Users visiting these compromised pages risk having their cookies stolen, sessions hijacked, or sensitive information exfiltrated. Ensuring proper sanitation of inputs is crucial to mitigate these risks and protect user data.
Affected Version(s)
Data Dash <= 1.2.3