Cross-site Scripting Vulnerability in Inspectlet User Session Recording and Heatmaps

CVE-2025-49048

What is CVE-2025-49048?

A vulnerability exists in Inspectlet's User Session Recording and Heatmaps that allows for Stored Cross-site Scripting (XSS). This issue arises due to improper neutralization of input during web page generation, which can lead to malicious scripts being executed in the context of user sessions. Users running the affected versions should take immediate action to mitigate potential security risks. Implementing proper input validation and sanitization is crucial to prevent exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References