CVE-2025-59905

Vulnerability Description

Cross-Site Scripting (XSS) vulnerability reflected in Kubysoft, which occurs through multiple parameters within the endpoint ‘/node/kudaby/nodeFN/procedure’. This flaw allows the injection of arbitrary client-side scripts, which are immediately reflected in the HTTP response and executed in the victim's browser.

Vulnerability Details

Published Date

February 16, 2026

Last Modified

February 18, 2026

CWE ID

CWE-79

Source

NVD

Vendor

Kubysoft

Product

Kubysoft

External References

https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-kubysoft

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment