CVE-2025-70336

Name of the Vulnerable Software and Affected Versions PodcastGenerator version 3.2.9

Description A stored cross-site scripting (XSS) issue exists in the 'Create New Live Item' functionality. This allows remote attackers to inject arbitrary script or HTML through the TITLE, SHORT DESCRIPTION, and LONG DESCRIPTION parameters. The injected payload is executed when accessing the 'View All Live Items' and 'Live Stream' pages.

Recommendations Update to a newer version that contains a fix for this vulnerability.