CVE-2025-26550

Summary

CVE-2025-26550 is a newly identified vulnerability affecting the Global Meta Keyword & Description software version 2.3 and below. This issue combines two threats: Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS). The CSRF vulnerability allows an attacker to execute malicious actions on behalf of an unsuspecting user, while the Stored XSS component permits the injection of malicious scripts into web pages that are viewed by other users. An attacker can exploit this flaw to steal sensitive information or take control of user sessions. It is recommended that users upgrade to the latest version of the software to mitigate these risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.