CVE-2025-60141

Name of the Vulnerable Software and Affected Versions The Tribal versions through 1.3.3

Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting (XSS) issue. This allows for the injection of malicious scripts into web pages viewed by other users. The vulnerability is of type Stored XSS, meaning the malicious script is permanently stored on the target server.

Recommendations Update The Tribal to a version later than 1.3.3.