CVE-2026-25013

Name of the Vulnerable Software and Affected Versions Phox Hosting versions through 2.0.8

Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting (XSS) condition. This allows for the execution of malicious scripts within the context of a user's browser. The flaw exists in the way the application handles user-supplied data when constructing web pages.

Recommendations Update Phox Hosting to a version greater than 2.0.8.