CVE-2025-70365

Name of the Vulnerable Software and Affected Versions Kiamo versions prior to 8.4

Description A stored cross-site scripting (XSS) issue exists due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user can inject arbitrary JavaScript code that is executed in the browser of users viewing the affected pages.

Recommendations Update to version 8.4 or later.