CVE-2025-60105

Name of the Vulnerable Software and Affected Versions metaphorcreations Ditty versions through 3.1.58

Description The software contains a flaw due to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting (XSS). This could allow an attacker to inject malicious scripts into web pages viewed by other users. The affected component is susceptible to exploitation through crafted input.

Recommendations Update metaphorcreations Ditty to a version later than 3.1.58.