PT-2026-6001 · Unknown · Kod8 Sme Website+1
Aybike Vural
·
Published
2026-02-03
·
Updated
2026-02-03
·
CVE-2025-8456
CVSS v3.1
7.6
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H |
Name of the Vulnerable Software and Affected Versions
Kod8 Individual and SME Website versions through 03022026
Description
The Kod8 Individual and SME Website software contains a flaw related to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting (XSS) condition. This allows an attacker to inject malicious scripts into web pages viewed by other users. The vendor was contacted regarding this issue but did not respond.
Recommendations
Versions through 03022026 should be updated when a fix becomes available.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Kod8 Individual
Kod8 Sme Website