CVE-2026-23973

Name of the Vulnerable Software and Affected Versions uxper Golo versions prior to 1.7.5

Description An issue exists in uxper Golo that allows for Reflected Cross-site Scripting (XSS). This occurs due to improper neutralization of input during web page generation. The issue affects the application’s handling of user-supplied data, potentially allowing an attacker to inject malicious scripts into web pages viewed by other users.

Recommendations Update uxper Golo to version 1.7.5 or later.