CVE-2025-2307

Name of the Vulnerable Software and Affected Versions Aidango versions prior to 2.144.4

Description Aidango is susceptible to a Cross-Site Scripting (XSS) issue due to improper neutralization of input during web page generation. XSS occurs when an application includes malicious code in a web page viewed by other users. This can allow attackers to execute scripts in the context of a user's browser, potentially leading to session hijacking or defacement of the website. The vulnerability exists because the application does not properly sanitize user-supplied input before including it in the generated web pages. This allows an attacker to inject malicious scripts into the web page, which will then be executed by other users who view the page.

Recommendations Update Aidango to version 2.144.4 or later.