CVE-2025-57998

Name of the Vulnerable Software and Affected Versions Hamid Reza Yazdani E-namad & Shamed Logo Manager versions through 2.2

Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, potentially leading to Cross-site Scripting (XSS). This allows for the injection of malicious scripts into web pages viewed by other users. The issue is identified as Stored XSS, meaning the malicious script is persistently stored on the target server.

Recommendations Update to a version later than 2.2. At the moment, there is no information about a newer version that contains a fix for this vulnerability.