CVE-2025-67933

Name of the Vulnerable Software and Affected Versions Taskbuilder versions through 4.0.9

Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-site Scripting (XSS) issue. This allows for the injection of malicious scripts into web pages. The vulnerability exists due to insufficient sanitization of user-supplied input. The affected component is Taskbuilder taskbuilder. No information is available regarding the number of potentially affected devices or any real-world exploitation of this issue. The vulnerability allows for the execution of arbitrary scripts within the context of a user's browser.

Recommendations Versions prior to 4.0.9 are vulnerable. Update Taskbuilder to a version greater than 4.0.9.