CVE-2026-25599 | Orca Energy Heat Pump/User Portal HTTP Connection cross site scripting

A vulnerability, which was classified as problematic, has been found in Orca Energy Heat Pump and User Portal. Affected is an unknown function of the component HTTP Connection Handler. Performing a manipulation results in cross site scripting. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is identified as CVE-2026-25599. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-25599 | Orca Energy Heat Pump/User Portal HTTP Connection cross site scripting

Post correlati

CVE-2024-11187 | ISC BIND up to 9.11.37/9.16.50/9.18.32/9.20.4/9.21.3 Additional Section Record resource consumption

CVE-2025-65681 | Overhang tutor 20.0.2 information disclosure

CVE-2024-22283 | Delhivery Logistics Courier Plugin up to 1.0.107 on WordPress sql injection

CVE-2024-3089 | PHPGurukul Emergency Ambulance Hiring Portal 1.0 Manage Ambulance Page manage-ambulance.php del cross-site request forgery