CVE-2025-58265

Name of the Vulnerable Software and Affected Versions Events Manager – OpenStreetMaps versions through 4.2.1

Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be injected into web pages viewed by other users. The vulnerability exists due to insufficient sanitization of user-supplied data.

Recommendations Update Events Manager – OpenStreetMaps to a version later than 4.2.1.