CVE-2026-25432

Name of the Vulnerable Software and Affected Versions omnipressteam Omnipress versions through 1.6.7

Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be stored on the server and executed by other users who visit the affected web pages. The vulnerability exists due to insufficient sanitization of user-supplied input before it is included in the generated web pages. This could allow an attacker to inject malicious code into web pages viewed by other users.

Recommendations Update omnipressteam Omnipress to a version later than 1.6.7.