CVE-2025-32476

Name of the Vulnerable Software and Affected Versions: blueinstyle Advanced Tag Lists versions 1.2 and earlier

Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application, potentially leading to the execution of malicious scripts.

Recommendations: For versions 1.2 and earlier, update to a version that includes a fix for this issue, as no specific workaround is provided for these versions. As a temporary workaround, consider implementing additional CSRF protection measures, such as token-based validation, to minimize the risk of exploitation. Restrict access to sensitive areas of the application to minimize the risk of Stored XSS attacks until the issue is resolved.