CVE-2025-23783

Name of the Vulnerable Software and Affected Versions carrotbits Greek Namedays Widget From Eortologio.Net versions from n/a through 20191113

Description The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting (XSS). This means that an attacker can inject malicious scripts into the web page, potentially affecting users who access the page. The estimated number of potentially affected devices and details about real-world incidents where this issue was exploited are not provided.

Recommendations For carrotbits Greek Namedays Widget From Eortologio.Net versions from n/a through 20191113, update to a version released after 20191113 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific version.