CVE-2025-23976

Summary

CVE-2025-23976 is a recently disclosed vulnerability affecting the Issuu Panel, versions from n/a to 2.1.1. This issue combines two serious threats: Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS). A successful attack could result in unauthorized commands being executed on the affected system, potentially leading to data theft or unintended actions. The CSRF vulnerability allows an attacker to submit malicious requests on behalf of a user, while the Stored XSS issue enables the injection of malicious scripts into web pages, which persist even after the page is reloaded. Together, these vulnerabilities pose a significant risk to users of the Issuu Panel.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.