CVE-2025-58646

Name of the Vulnerable Software and Affected Versions chtombleson Mobi2Go versions through 1.0.0

Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be injected into web pages viewed by other users. The vulnerability affects the application’s ability to properly sanitize user-supplied data before including it in dynamically generated web content. The affected application does not properly neutralize input, leading to the possibility of executing arbitrary JavaScript code in the context of a user's browser.

Recommendations Update to a version beyond 1.0.0.