CVE-2025-66574

TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the Open Object in Tree endpoint, allowing attackers to steal session cookies and potentially escalate privileges...

CVE-2025-66574 TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting (XSS)

TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the Open Object in Tree endpoint, allowing attackers to steal session cookies and potentially escalate privileges...

Taiko Alethia 跨站脚本漏洞

Taiko Alethia is an open source Taiko Labs collection of software for implementing the Ethernet-based ZK-EVM Rollup protocol for the Taiko Layer 2 network. A cross-site scripting vulnerability exists in Taiko Alethia version 3.2.41.10.26, which stems from the presence of cross-site script injecti...

TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting XSS Authenticated Date: 10th, March, 2025 Exploit Author: ABABANK REDTEAM Vendor Homepage: https://compassplustechnologies.com/ Version: 3.2.41.10.26 Tested on: Window Server 2016 1. Login to web application 2. Click on Entire...