CVE-2026-25351

Name of the Vulnerable Software and Affected Versions MyMedi versions prior to 1.7.7

Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting (XSS) condition. This allows an attacker to inject malicious scripts into web pages viewed by other users.

Recommendations Update MyMedi to version 1.7.7 or later.