Medium severity4.3NVD Advisory· Published Sep 16, 2025· Updated Apr 15, 2026
CVE-2025-2404
CVE-2025-2404
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ubit Information Technologies STOYS allows Cross-Site Scripting (XSS).This issue affects STOYS: from 2 before 20250916.
Affected products
1- Range: >=2, <20250916
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.