CVE-2025-63027

Name of the Vulnerable Software and Affected Versions Webcreations907 WBC907 Core versions through 3.4.1

Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting (XSS) issue. This specific instance allows for Stored XSS attacks. The issue impacts the way user-supplied data is handled when creating web pages, potentially allowing malicious scripts to be injected and executed in the context of other users' browsers. The vulnerable component is susceptible to attacks where an attacker can inject malicious code into the application, which is then stored and served to other users.

Recommendations Update Webcreations907 WBC907 Core to a version later than 3.4.1.