Genealogy · Genealogy · CVE-2025-55287
Name of the Vulnerable Software and Affected Versions:
Genealogy versions prior to 4.4.0
Description:
Genealogy is a family tree application written in PHP that is vulnerable to authenticated stored cross-site scripting (XSS). An attacker with valid credentials can execute arbitrary JavaScript code within another user's session, potentially leading to session hijacking, data theft, and UI manipulation.
Recommendations:
Update to version 4.4.0 or later.