Medium severity6.5NVD Advisory· Published Mar 26, 2025· Updated Jun 17, 2026
CVE-2025-26747
CVE-2025-26747
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 99colorthemes RainbowNews allows Stored XSS.This issue affects RainbowNews: from n/a through 1.0.7.
Affected products
2<=1.0.7+ 1 more
- (no CPE)range: <=1.0.7
- (no CPE)range: <=1.0.7
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.