CVE-2025-40976
The CVE-2025-40976 entry concerns WorkDo’s TicketGo SaaS with a stored XSS flaw arising from insufficient input validation on the description field when a POST is sent to /ticketgo-saas/home. Affected component: TicketGo (WorkDo). Root cause: lack of proper validation of user-supplied data in the...