CVE-2025-23824

Name of the Vulnerable Software and Affected Versions FontAwesome.io ShortCodes versions n/a through 1.0

Description The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows stored XSS. This problem enables malicious scripts to be stored on the web application, potentially affecting users who access the compromised page.

Recommendations For versions n/a through 1.0, consider disabling the ShortCodes functionality until a patch is available to prevent stored XSS attacks. Restrict access to the affected ShortCodes to minimize the risk of exploitation. Avoid using the vulnerable ShortCodes in web pages until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.