CVE-2025-59766 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's b…
Medium CVSS: 5.1

CVE-2025-59766

Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_LT.ASP'.
Vendor
Andsoft
Product
E-tms
CWE
CWE-79
Yayın Tarihi
2025-10-02 15:15:57
Güncelleme
2025-10-02 19:52:20
Source Identifier
cve-coordination@incibe.es
KEV Date Added
-

Kategoriler

CWE-79 E-tms MEDIUM Andsoft 2025

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/update-24092025-multiple-vulnerabilities-andsofts-e-tms