CVE-2025-59905

Name of the Vulnerable Software and Affected Versions Kubysoft (affected versions not specified)

Description A reflected Cross-Site Scripting (XSS) flaw exists in Kubysoft. The issue occurs through multiple parameters within the API endpoint /node/kudaby/nodeFN/procedure. This allows for the injection of arbitrary client-side scripts, which are immediately reflected in the HTTP response and executed in the victim's browser. The vulnerable parameters are not specified.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.