CVE-2025-28930

Name of the Vulnerable Software and Affected Versions: List Mixcloud versions n/a through 1.4

Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious scripts into the web page, potentially affecting users who access the page.

Recommendations: For versions n/a through 1.4, update to a version that fixes the Stored XSS issue to prevent exploitation. As a temporary workaround, consider restricting user input to prevent malicious scripts from being injected into the web page. Avoid using the vulnerable List Mixcloud feature until the issue is resolved.