CVE-2025-26907

Name of the Vulnerable Software and Affected Versions Mortgage Calculator Estatik versions n/a through 2.0.12

Description The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting (XSS) vulnerability. Specifically, it is a Stored XSS vulnerability, meaning the malicious script is stored on the server and executed when a user accesses the affected page.

Recommendations For Mortgage Calculator Estatik versions n/a through 2.0.12, update to a version later than 2.0.12 to resolve the issue. As a temporary workaround, consider restricting user input to prevent malicious scripts from being stored and executed.