CVE-2025-68849

Name of the Vulnerable Software and Affected Versions Frank Corso Quote Master versions through 7.1.1

Description The software contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-site Scripting (XSS). This means that malicious code can be injected into web pages viewed by users. The vulnerability exists due to insufficient sanitization of user-supplied input. The affected component is Quote Master.

Recommendations Versions prior to 7.1.1 should be updated.