Xactly has investigated the recently published vulnerabilities regarding React and Next.js, 'React2Shell' (CVE‑2025‑55182 and CVE‑2025‑66478).
Following an internal audit of our technology stack, we have verified that Xactly services remain unaffected, as our production environment does not rely on the vulnerable components or configurations identified.
We remain committed to the highest standards of security and data integrity. If you require further information, please reach out to your Xactly representative.
Xactly’s Site and Platforms are directed to corporate clients. The Site and Platforms are not directed toward persons under eighteen (18) years of age. We do not knowingly market to or collect any personal data from children under the age of eighteen (18). If you are under eighteen (18), you are not permitted to submit any personal data to us.
If you are a parent or guardian, and believe that we have the personal data of your minor child in our database, please contact us immediately at privacy@xactlycorp.com to request that we remove such information from our records.
