CVE-2025-8303

Summary

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EKA Software Computer Information Advertising Services Ltd. Real Estate Script V5 (With Doping Module – Store Module – New Language System) allows Cross-Site Scripting (XSS).

This issue affects Real Estate Script V5 (With Doping Module – Store Module – New Language System): through 17022026.

NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
EKA Software Computer Information Advertising Services Ltd.Real Estate Script V5 (With Doping Module – Store Module – New Language System)0 <= 17022026affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References