CVE-2025-22650

Name of the Vulnerable Software and Affected Versions: Smartarget versions prior to 1.4

Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting (XSS). This enables attackers to inject malicious scripts into the application, potentially leading to unauthorized actions on behalf of other users.

Recommendations: For versions prior to 1.4, update to a version that includes the fix for this issue to prevent stored XSS attacks. As a temporary workaround, consider restricting user input to minimize the risk of exploitation.