Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Podcast Generator Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2025-70336 - Vulnerability Database
Podcast Generator

Podcast Generator Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2025-70336

Medium
Reference: CVE-2025-70336
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-70336
Title: Podcast Generator Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

A Stored cross-site scripting (XSS) vulnerability in 39Create New Live Item39 in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 39TITLE39 39SHORT DESCRIPTION39 and 39LONG DESCRIPTION39 parameters. The saved payload gets executed on 39View All Live Items39 and 39Live Stream39 pages.