CVE-2025-23626

Name of the Vulnerable Software and Affected Versions Kumihimo versions n/a through 1.0.2

Description The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows reflected XSS. This enables an attacker to inject malicious scripts into a website, potentially affecting users who visit the compromised page.

Recommendations For versions n/a through 1.0.2, update to a version later than 1.0.2 to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation.