CVE-2025-46729

Name of the Vulnerable Software and Affected Versions julmud/phpDVDProfiler versions v 20230807 through v 20250510

Description The issue concerns cross-site scripting in the search function of the software. This allows for potential malicious script execution when a user interacts with the search functionality. The software is used to display DVD collections on the web, maintained with Invelos's DVDProfiler software.

Recommendations For versions v 20230807 through v 20250510, update to version v 20250511 or later, as it contains a patch for the issue. As a temporary workaround, consider restricting access to the search function until the update can be applied.