CVE-2025-26972

Name of the Vulnerable Software and Affected Versions: PrivateContent versions n/a through 8.11.5

Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for potentially malicious scripts to be injected into web pages. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations: For versions n/a through 8.11.5, update to a version later than 8.11.5 to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.