From this webpage screenshot, the following key vulnerability information can be obtained: CVE ID: CVE-2025-50986 Affected Software Version: diskover-web v2.3.0 Community Edition Vulnerability Type: Multiple Stored Cross-Site Scripting (XSS) vulnerabilities Affected Configuration Fields: - ES_HOST - ES_INDEXREFRESH - ES_PORT - ES_SCROLLSIZE - ES_TRANSSIZE - ES_TRANSLOGSYNCINT - EXCLUDES_FILES - FILE_TYPES[] - INCLUDES_DIRS - INCLUDES_FILES - TIMEZONE Issue Description: These configuration fields do not properly sanitize user input, allowing malicious payloads to be persisted and executed. Example Payloads: This information indicates that diskover-web v2.3.0 Community Edition contains XSS vulnerabilities in multiple configuration fields. Attackers can exploit these vulnerabilities by submitting malicious payloads.