CVE-2025-39369

Name of the Vulnerable Software and Affected Versions: sihibbs Posts for Page versions n/a through 2.1

Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS. This means that an attacker could potentially inject malicious scripts into the webpage, affecting the Document Object Model (DOM), which is a programming interface for HTML and XML documents.

Recommendations: For sihibbs Posts for Page versions n/a through 2.1, consider implementing proper input validation and sanitization to prevent malicious scripts from being injected into the webpage. As a temporary workaround, restrict access to sensitive areas of the webpage to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.