CVE-2025-48097

Name of the Vulnerable Software and Affected Versions Shiva WSAnalytics versions through 1.1.2

Description A flaw exists in Shiva WSAnalytics wsanalytics-google-analytics-and-dashboards that allows for Reflected Cross-site Scripting (XSS). This occurs due to improper neutralization of input during web page generation. The issue impacts the application's ability to properly handle user-supplied data, potentially allowing an attacker to inject malicious scripts into web pages viewed by other users. The vulnerable component is susceptible to attacks where an attacker can craft a malicious URL containing a script that will be executed in the context of the victim's browser.

Recommendations Update Shiva WSAnalytics to a version later than 1.1.2.