CVE-2025-69089

Name of the Vulnerable Software and Affected Versions autolistings Auto Listings versions through 2.7.1

Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting (XSS) issue. This specific instance allows for Stored XSS attacks. The vulnerability exists because the application does not properly sanitize user-supplied data before including it in dynamically generated web pages. This allows an attacker to inject malicious scripts into web pages viewed by other users.

Recommendations Update to a version later than 2.7.1.