Cross-site Scripting Vulnerability in Tiki Time by Fyrewurks
CVE-2025-23986
7.1HIGH
What is CVE-2025-23986?
The Tiki Time product by Fyrewurks is susceptible to a reflected Cross-site Scripting (XSS) vulnerability. This issue allows attackers to inject malicious scripts into web pages viewed by users. Affected versions, including Tiki Time 1.3 and earlier, could potentially allow an attacker to execute arbitrary scripts in the context of the user’s session, leading to unauthorized actions or data theft if exploited.
Affected Version(s)
Tiki Time <= 1.3