πŸ” CVE Alert

CVE-2025-40986

UNKNOWN 0.0

Reflected Cross-Site Scripting in PideTuCita

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Reflected Cross-Site Scripting (XSS) vulnerability in PideTuCita. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL using the endpoint 'cookies/indes.php/<XSS>'. This vulnerability can be exploited to steal confidential user data, such as session cookies or to perform actions on behalf of the user.

CWE CWE-79
Vendor pidetucita
Product pidetucita
Published Feb 23, 2026
Last Updated Feb 24, 2026
Stay Ahead of the Next One

Get instant alerts for pidetucita pidetucita

Be the first to know when new unknown vulnerabilities affecting pidetucita pidetucita are published β€” delivered to Slack, Telegram or Discord.

Get Free Alerts β†’ Free Β· No credit card Β· 60 sec setup

Affected Versions

PideTuCita / PideTuCita
v6.0.52

References

NVD β†— CVE.org β†— EPSS Data β†—
incibe.es: https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-pidetucita

Credits

Gonzalo Aguilar GarcΓ­a (6h4ack)