Xactly has investigated the recently published vulnerabilities regarding React and Next.js, 'React2Shell' (CVE‑2025‑55182 and CVE‑2025‑66478).
Following an internal audit of our technology stack, we have verified that Xactly services remain unaffected, as our production environment does not rely on the vulnerable components or configurations identified.
We remain committed to the highest standards of security and data integrity. If you require further information, please reach out to your Xactly representative.
This Policy may be amended from time to time. We will notify you by email sent to the e-mail address specified in your account or by means of a prominent notice on this Site prior to any material amendments becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
