PatchSiren cyber security CVE debrief
CVE-2025-8668 E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. CVE debrief
CVE-2025-8668 is a Reflected Cross-Site Scripting (XSS) vulnerability in Turboard, a product of E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. The vulnerability occurs due to improper neutralization of input during web page generation, allowing attackers to inject malicious scripts. This issue affects Turboard versions from 2025.07 before 2026.02. The CVE record was updated after the vendor implemented mitigations.
- Vendor
- E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co.
- Product
- Turboard
- CVSS
- CRITICAL 9.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-11
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-02-11
- Advisory updated
- 2026-06-05
Who should care
Users of Turboard versions from 2025.07 before 2026.02 should apply the vendor's mitigations to prevent exploitation of this vulnerability.
Technical summary
CVE-2025-8668 has a CVSS score of 9.4 and is classified as CRITICAL. The vulnerability is caused by improper neutralization of input during web page generation (XSS). The affected product is Turboard, with versions from 2025.07 before 2026.02 being vulnerable.
Defensive priority
HIGH
Recommended defensive actions
- Apply the vendor's mitigations by updating Turboard to version 2026.02 or later.
- Review and follow the vendor's security advisories for additional guidance.
Evidence notes
The CVE record was updated after the vendor implemented mitigations. The vulnerability affects Turboard versions from 2025.07 before 2026.02.
Official resources
CVE-2025-8668 was published on 2026-02-11T14:16:01.450Z and modified on 2026-06-05T12:16:33.820Z.