CVE-2026-23979

Name of the Vulnerable Software and Affected Versions Softwebmedia Gyan Elements versions n/a through 2.2.1

Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, potentially leading to reflected cross-site scripting (XSS). This allows an attacker to inject malicious scripts into a website, which can then be executed by unsuspecting users who visit the affected page. The injected scripts can steal sensitive information, redirect users to malicious websites, or modify the content of the web page.

Recommendations Update Gyan Elements to a version later than 2.2.1.