CVE-2026-25355

Name of the Vulnerable Software and Affected Versions skygroup Sanzo versions prior to 2.4.3

Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential cross-site scripting (XSS) issue. Specifically, the vulnerability allows for stored XSS attacks. This means that malicious scripts can be injected into the application and stored, potentially affecting other users who access the compromised content.

Recommendations Update skygroup Sanzo to version 2.4.3 or later.