CVE-2025-11950

Name of the Vulnerable Software and Affected Versions KNOWHY Advanced Technology Trading Ltd. Co. EduAsist versions through 27022026

Description EduAsist is susceptible to a Reflected Cross-site Scripting (XSS) issue due to improper neutralization of input during web page generation. This allows an attacker to inject malicious scripts into web pages viewed by other users. The vendor was contacted regarding this issue but did not respond.

Recommendations Versions prior to 27022026 should be updated.