CVE-2026-25417

Name of the Vulnerable Software and Affected Versions Metagauss ProfileGrid versions prior to 5.9.8.2

Description The software contains a flaw due to improper handling of input during the creation of web pages, specifically a 'cross-site scripting' issue. This allows for 'Stored XSS', where malicious scripts can be stored and executed within the application. The affected component is profilegrid-user-profiles-groups-and-communities.

Recommendations Update to a version greater than 5.9.8.1.