AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23536)

AndSoft e-TMS is a logistics management software from AndSoft Spain. A cross-site scripting vulnerability exists in AndSoft e-TMS, which originates from the lack of effective filtering and escaping of user-supplied data by parameter m in file /lib/asp/alert.asp, and can be exploited by an attacke...

CVE-2025-59746

AndSoft e-TMS v25.03 is affected by a reflected XSS vulnerability. The issue arises from lack of proper filtering/escaping of user data in the m parameter of /lib/asp/alert.asp, allowing an attacker to execute JavaScript in a victim’s browser via a malicious URL. Public documents (NVD/CNVD/CNNVD/...

PT-2025-40367

Name of the Vulnerable Software and Affected Versions AndSoft e-TMS version 25.03 Description A cross-site scripting XSS issue exists that allows an attacker to execute JavaScript code in a victim’s browser. This is achieved by sending a malicious URL to a user. The vulnerability is reflected in...

AndSoft e-TMS 跨站脚本漏洞

AndSoft e-TMS is a logistics management software from AndSoft Spain. A cross-site scripting vulnerability exists in AndSoft e-TMS, which originates from the lack of effective filtering and escaping of user-supplied data by parameter m in file /lib/asp/alert.asp, and can be exploited by an attacke...