2 matches found
CVE-2025-59771 Multiple vulnerabilities in AndSoft's e-TMS
Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the bazariframe endpoint. An attacker can manipulate the web page content or hijack user sessions by injecting malicious scripts into the URL parameters. This allows stealing cookies from an authenticate...