CVE-2025-31379

Name of the Vulnerable Software and Affected Versions: Insert HTML Here versions prior to 1.0

Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-site Scripting (XSS). Specifically, it enables Reflected XSS.

Recommendations: For versions prior to 1.0, update to a version that includes a fix for this issue, as no specific workaround is provided for these versions. As a temporary workaround, consider restricting the use of the Insert HTML Here feature until a patch is available.