Cross-Site Scripting Vulnerability in Akinsoft TaskPano Software
CVE-2024-13073

4.7MEDIUM

Key Information:

Vendor: Akinsoft
Status: Taskpano
Vendor: CVE Published:; 4 September 2025

What is CVE-2024-13073?

The vulnerability in Akinsoft TaskPano involves improper neutralization of user input during web page generation, enabling attackers to execute malicious scripts in the context of the user's browser. This flaw primarily affects version s1.06.04 of the software, posing a significant risk for web application interactions. Attackers exploiting this vulnerability could manipulate session cookies, redirect users, or harvest sensitive information, thereby compromising user security and privacy. Regular updates and proper input validation are essential to mitigate potential threats.

Affected Version(s)

TaskPano s1.06.04

References

https://www.usom.gov.tr/bildirim/tr-25-0208

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 4, 2025
Vulnerability Reserved
Dec 31, 2024

Credit

Berat ARSLAN