Xactly has investigated the recently published vulnerabilities regarding React and Next.js, 'React2Shell' (CVE‑2025‑55182 and CVE‑2025‑66478).
Following an internal audit of our technology stack, we have verified that Xactly services remain unaffected, as our production environment does not rely on the vulnerable components or configurations identified.
We remain committed to the highest standards of security and data integrity. If you require further information, please reach out to your Xactly representative.
Xactly strives to comply with all applicable laws worldwide that are designed to protect your privacy. Although legal requirements may vary by jurisdiction, Xactly intends to adhere to the principles set forth in this Policy. Our goal is to provide protection for your personal data no matter where that personal data is collected, transferred, or retained.
Users from European Union (EU) member countries and Switzerland are provided with further information under the Privacy Shield section of this Policy.
