CVE-2025-32536

Name of the Vulnerable Software and Affected Versions: Sandeep Verma HTML5 Video Player with Playlist versions 2.50 and earlier

Description: The issue is related to improper neutralization of input during web page generation, which allows for Reflected Cross-site Scripting (XSS). This enables potential attackers to inject malicious scripts into the website.

Recommendations: For versions 2.50 and earlier, update to a version later than 2.50 to resolve the issue. As a temporary workaround, consider disabling the reflection of user input in the HTML5 Video Player with Playlist until a patch is available. Restrict access to the player to minimize the risk of exploitation.