Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
iMoney: Malicious Links Can Steal User Data
CVE-2025-69392
Summary
A security issue in iMoney allows attackers to steal sensitive information from users by tricking them into clicking on malicious links. This affects iMoney versions 0.37 and earlier. Update to the latest version to fix this issue.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in itex iMoney imoney allows Reflected XSS.This issue affects iMoney: from n/a through <= 0.36.
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in itex iMoney imoney allows Reflected XSS.This issue affects iMoney: from n/a through <= 0.36.
nvd CVSS3.1
7.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026