CVE-2025-68864

Name of the Vulnerable Software and Affected Versions Infility Global versions through 2.14.50

Description The software contains a flaw due to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be stored on the target server and executed by users visiting the affected web pages. The vulnerability exists in Infility Global.

Recommendations Update Infility Global to a version later than 2.14.50.