CVE-2026-8310 PUBLISHED

Reflected XSS in Webbeyaz's Mediküm Web

Assigner: TR-CERT
Reserved: 11.05.2026 Published: 08.07.2026 Updated: 08.07.2026

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Webbeyaz Web Design Mediküm Web allows Reflected XSS.

This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS Score: 6.1

Product Status

Vendor Webbeyaz Web Design
Product Mediküm Web
Versions Default: unknown
  • affected from 0 to 08072026 (incl.)

References

Problem Types

  • CWE-79 Improper neutralization of input during web page generation ('cross-site scripting') CWE

Impacts

  • CAPEC-591 Reflected XSS