CVE-2025-67537

Name of the Vulnerable Software and Affected Versions ThirstyAffiliates versions through 3.11.8

Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This means malicious scripts can be stored and executed by other users when they view the affected web pages.

Recommendations Update ThirstyAffiliates to a version newer than 3.11.8.