CVE-2025-4957

Name of the Vulnerable Software and Affected Versions Metagauss ProfileGrid versions through 5.9.5.7

Description A flaw exists in Metagauss ProfileGrid that allows for Reflected Cross-site Scripting (XSS). This issue is due to improper neutralization of input during web page generation. The vulnerability could potentially allow an attacker to inject malicious scripts into web pages viewed by other users. The affected API endpoints and vulnerable parameters are not specified.

Recommendations Update Metagauss ProfileGrid to a version later than 5.9.5.7.