πŸ” CVE Alert

CVE-2025-41081

UNKNOWN 0.0

Reflected Cross-Site Scripting (XSS) in IsMyGym

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Reflected Cross-Site Scripting (XSS) vulnerability in IsMyGym by Zuinq Studio. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL with '/<PATH>.php/<XSS>'. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.

Vendor zuinq studio
Product ismygym
Published Jan 20, 2026
Last Updated Feb 26, 2026
Stay Ahead of the Next One

Get instant alerts for zuinq studio ismygym

Be the first to know when new unknown vulnerabilities affecting zuinq studio ismygym are published β€” delivered to Slack, Telegram or Discord.

Get Free Alerts β†’ Free Β· No credit card Β· 60 sec setup

Affected Versions

Zuinq Studio / IsMyGym
all versions

References

NVD β†— CVE.org β†— EPSS Data β†—
incibe.es: https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-ismygym

Credits

Gonzalo Aguilar GarcΓ­a (6h4ack)