PatchSiren cyber security CVE debrief
CVE-2025-8456 Kod8 Software Technologies Trade Ltd. Co. CVE debrief
CVE-2025-8456 is a high-severity vulnerability in Kod8 Individual and SME Website, allowing for Reflected XSS attacks. The vulnerability has a CVSS score of 7.6 and was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2025-8456).
- Vendor
- Kod8 Software Technologies Trade Ltd. Co.
- Product
- Kod8 Individual and SME Website
- CVSS
- HIGH 7.6
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-03
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-02-03
- Advisory updated
- 2026-06-05
Who should care
Users of Kod8 Individual and SME Website, particularly those using versions through 03022026, should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability is caused by improper neutralization of input during web page generation, allowing for Reflected XSS attacks. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates to Kod8 Individual and SME Website to prevent exploitation of this vulnerability.
- Use secure coding practices to prevent similar vulnerabilities in the future.
- Monitor for suspicious activity on affected systems.
Evidence notes
The vendor was contacted early about this disclosure but did not respond in any way.
Official resources
CVE-2025-8456 was published on 2026-02-03T09:16:09.740Z and modified on 2026-06-05T12:16:32.667Z.