PatchSiren cyber security CVE debrief
CVE-2025-8303 EKA Software Computer Information Advertising Services Ltd. CVE debrief
CVE-2025-8303 is an Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EKA Software Computer Information Advertising Services Ltd. Real Estate Script V5 (With Doping Module – Store Module – New Language System). This issue allows Cross-Site Scripting (XSS). The vulnerability affects Real Estate Script V5 (With Doping Module – Store Module – New Language System) through version 17022026. The CVSS score for this vulnerability is 6.5, with a severity rating of MEDIUM. The CVE was published on [cvePublishedAt] and modified on [cveModifiedAt].
- Vendor
- EKA Software Computer Information Advertising Services Ltd.
- Product
- Real Estate Script V5 (With Doping Module – Store Module – New Language System)
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-17
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-02-17
- Advisory updated
- 2026-06-05
Who should care
Developers and administrators using EKA Software Computer Information Advertising Services Ltd. Real Estate Script V5 (With Doping Module – Store Module – New Language System) through version 17022026 should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability is caused by improper neutralization of input during web page generation, allowing for Cross-Site Scripting (XSS) attacks. The CVSS vector for this vulnerability is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L.
Defensive priority
MEDIUM
Recommended defensive actions
- Update Real Estate Script V5 (With Doping Module – Store Module – New Language System) to a version beyond 17022026.
- Implement input validation and sanitization to prevent XSS attacks.
Evidence notes
The vendor was contacted early about this disclosure but did not respond in any way.
Official resources
CVE-2025-8303 was published on 2026-02-17T12:16:15.280Z and modified on 2026-06-05T13:16:34.927Z.