CVE-2025-58915

Name of the Vulnerable Software and Affected Versions Emarket-design YouTube Showcase versions through 3.5.0

Description The software contains a flaw related to improper input handling during web page generation, leading to a Cross-site Scripting (XSS) issue. Specifically, the vulnerability allows for Stored XSS attacks. The vulnerability exists due to insufficient sanitization of user-supplied data, which can be injected into web pages viewed by other users. The affected component is the YouTube Showcase functionality.

Recommendations Update to a version beyond 3.5.0.