Enterprise Cloud Database developed by Ragic has a Stored Cross-Site Scripting vulnerability, allowing unauthenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page load.
No action is required for the cloud version; the on-premises version must be updated to the patch released on or after April 10, 2026.