CVE-2025-23472

Summary

CVE-2025-23472 is a Cross-Site Scripting (XSS) vulnerability affecting NotFound Flexo Slider from an unknown version up to 1.0013. criminals can exploit this issue by injecting malicious scripts into web pages generated by the slider, exposing users to potential security risks such as session hijacking, data theft, or unauthorized access. The vulnerability arises due to improper neutralization of user inputs, enabling attackers to inject and execute their code in users' browsers. Organizations and individuals using this slider version are advised to update to the latest, secure version as soon as possible to mitigate the risk of XSS attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.