Xactly has investigated the recently published vulnerabilities regarding React and Next.js, 'React2Shell' (CVE‑2025‑55182 and CVE‑2025‑66478).
Following an internal audit of our technology stack, we have verified that Xactly services remain unaffected, as our production environment does not rely on the vulnerable components or configurations identified.
We remain committed to the highest standards of security and data integrity. If you require further information, please reach out to your Xactly representative.
Xactly has established internal mechanisms to verify its ongoing adherence to this Policy. Xactly encourages individuals covered by this Policy to raise any concerns about our processing of personal data by contacting us at: privacy@xactlycorp.com or at the address listed directly below:
Xactly Corporation
221 Saratoga-Los Gatos Road
Los Gatos, CA 95030
United States
After a complaint or concern is received, Xactly will work internally to resolve the issue. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at: https://feedback-form.truste.com/watchdog/request.
