CVE-2025-40904 — A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicio — CVE Database · The Intelligence Room