CVE-2025-67959

Name of the Vulnerable Software and Affected Versions purethemes WorkScout versions through 4.1.07

Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Reflected Cross-site Scripting (XSS) condition. This allows an attacker to inject malicious scripts into a website, potentially compromising user accounts or performing unauthorized actions. The vulnerability affects the WorkScout application.

Recommendations Update to a version later than 4.1.07.