CVE-2025-40719
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the id_concesion parameter in /<Client>FacturaE/VerFacturaPDF.
Vendor
Product
CWE
Yayın Tarihi
2025-07-08 12:15:23
Güncelleme
2025-10-18 01:33:16
Source Identifier
cve-coordination@incibe.es
KEV Date Added
-