CVE-2025-2154

Name of the Vulnerable Software and Affected Versions Specto CM versions prior to 17032025

Description Specto CM contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be injected into web pages viewed by other users. The vulnerability exists due to insufficient sanitization of user-supplied input.

Recommendations Update Specto CM to a version newer than or equal to 17032025.