CVE-2025-59904

Name of the Vulnerable Software and Affected Versions Kubysoft (affected versions not specified)

Description A stored Cross-Site Scripting (XSS) issue exists in Kubysoft. The issue is triggered through multiple parameters in the /kForms/app endpoint, allowing for the injection and persistent execution of malicious scripts within the context of users accessing the affected resource. The vulnerable parameters are not specified.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.