benkeen generatedata 4.0.14: Unvalidated data in web pages can lead to code injection

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.1

benkeen generatedata 4.0.14: Unvalidated data in web pages can lead to code injection

CVE-2025-70025

Summary

benkeen generatedata, a tool used to generate web pages, contains a security flaw that could allow an attacker to inject malicious code into web pages. This could allow an attacker to take control of a website or steal sensitive information. You should update to the latest version of benkeen generatedata to fix this issue.

Original title

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in benkeen generatedata 4.0.14.

Original description

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in benkeen generatedata 4.0.14.

nvd CVSS3.1 6.1

Vulnerability type

CWE-79 Cross-site Scripting (XSS)

https://gist.github.com/zcxlighthouse/a1dda57a88802ea5174685c1ae3ee1b2
https://github.com/benkeen
https://github.com/benkeen/generatedata

Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026