CVE-2025-68836

Name of the Vulnerable Software and Affected Versions Markbeljaars Table of Contents Creator versions through 1.6.4.1

Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Reflected Cross-Site Scripting (XSS) condition. This allows an attacker to inject malicious scripts into a web page viewed by other users. The vulnerability exists because the application does not adequately sanitize input before including it in the generated web page. The injected script can then be executed in the context of the user's browser, potentially allowing the attacker to steal cookies, redirect the user to a malicious website, or modify the content of the page.

Recommendations Update Markbeljaars Table of Contents Creator to a version later than 1.6.4.1.