2 matches found
CVE-2025-59767
CVE-2025-59767 : AndSoft e-TMS is vulnerable to a reflected XSS in v25.03. The issue arises from lack of proper input filtering/escaping in parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the endpoint /clt/LOGINFRM_LVE.ASP. An attacker can lure a user to a malicious URL to execute JavaSc...
PT-2025-40393
Name of the Vulnerable Software and Affected Versions AndSoft e-TMS version 25.03 Description A cross-site scripting issue exists that allows an attacker to execute JavaScript code in a victim's browser. This is achieved by sending a malicious URL. The vulnerability is reflected in the...