CVE-2025-39519

Name of the Vulnerable Software and Affected Versions rtpHarry Bulk Page Stub Creator versions n/a through 1.1

Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Reflected XSS. This means an attacker can inject malicious scripts into a website, potentially stealing user data or taking control of the user's session.

Recommendations For versions n/a through 1.1, consider disabling any functionality that generates web pages based on user input until a patch is available. Restrict access to the Bulk Page Stub Creator to minimize the risk of exploitation. Avoid using the creator to generate pages with unvalidated input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.