PT-2025-54440 · Unknown · Matamko En Masse

João Pedro S Alcântara

Published: 2025-12-31 · Updated: 2025-12-31 · CVE-2025-23707

CVSS v3.1: 7.1 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions

Matamko En Masse versions through 1.0

Description

The software contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-site Scripting (XSS). This allows an attacker to inject malicious scripts into web pages viewed by other users. The vulnerable component does not properly sanitize user-supplied input before including it in the generated web page. This could allow an attacker to execute arbitrary JavaScript code in the context of the user's browser.

Recommendations

Versions prior to 1.0 should be updated.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-23707

Affected Products

Matamko En Masse