CVE-2025-2404

Name of the Vulnerable Software and Affected Versions Ubit Information Technologies STOYS versions 2 through 20250916

Description The software contains an Improper Neutralization of Input During Web Page Generation vulnerability, which allows for Cross-Site Scripting (XSS). The vendor has not yet confirmed the completion of the fixing process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.