CVE-2025-23888

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GrandSlambert Custom Page Extensions custom-page-extensions allows Reflected XSS.This issue affects Custom Page Extensions: from n/a through = 0.6...

PT-2025-5171 · Unknown · Notfound Custom Page Extensions

Name of the Vulnerable Software and Affected Versions: NotFound Custom Page Extensions versions 0.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This enables attackers ...