Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
Omnipress: Malicious Code Can Be Injected into Web Pages
CVE-2026-25432
Summary
The Omnipress software has a security flaw that allows attackers to inject malicious code into web pages. This can happen when a user enters certain types of input, which is then stored and displayed on the page. To protect against this, update Omnipress to version 1.6.8 or later.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This issue affects Omnipress: from n/a thro...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This issue affects Omnipress: from n/a through <= 1.6.7.
nvd CVSS3.1
6.5
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026