CVE-2025-66574

TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the Open Object in Tree endpoint, allowing attackers to steal session cookies and potentially escalate privileges...

CVE-2025-66574

TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the Open Object in Tree endpoint, allowing attackers to steal session cookies and potentially escalate privileges...

CVE-2025-66574 TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting (XSS)

TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the Open Object in Tree endpoint, allowing attackers to steal session cookies and potentially escalate privileges...

CVE-2025-66574

Summary: TranzAxis 3.2.41.10.26 is vulnerable to a stored XSS via the Open Object in Tree API endpoint. This authenticated-user vulnerability can lead to session cookie theft and potential privilege escalation. Root cause: stored cross-site scripting in the Open Object in Tree endpoint. Affected ...

Taiko Alethia 跨站脚本漏洞

Taiko Alethia is an open source Taiko Labs collection of software for implementing the Ethernet-based ZK-EVM Rollup protocol for the Taiko Layer 2 network. A cross-site scripting vulnerability exists in Taiko Alethia version 3.2.41.10.26, which stems from the presence of cross-site script injecti...