CVE Catalog

CVE-2026-10857

MediumCVSS 6.1
Published: Updated: Translated: NVD NIST

Summary

CVE-2026-10857 describes improper neutralization of input during web page generation, leading to Reflected XSS vulnerabilities in AKIN Software's e-Commerce.

Risk Assessment

An attacker could exploit this vulnerability to inject malicious JavaScript code, potentially leading to user data theft or session hijacking.

Recommendation

It is recommended to update the e-Commerce software to version 1.25.01.06 or later to mitigate this vulnerability.

Original NVD description (English source)

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. E-Commerce allows Reflected XSS. This issue affects e-Commerce: before 1.25.01.06.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS