Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
NPS computy Cross-site Scripting allows malicious code execution
CVE-2025-67984
Summary
A security issue in NPS computy versions up to 2.8.2 allows hackers to inject malicious code into web pages, potentially stealing user data or taking control of user sessions. This issue can be exploited by anyone who can trick a user into visiting a malicious website. Users should update to the latest version of NPS computy to fix the issue.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in calliko NPS computy nps-computy allows DOM-Based XSS.This issue affects NPS computy: from n/a t...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in calliko NPS computy nps-computy allows DOM-Based XSS.This issue affects NPS computy: from n/a through <= 2.8.2.
nvd CVSS3.1
7.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026