Cross-Site Scripting Vulnerability in Tekrom Technology E-Commerce Software
CVE-2025-0545

4.7MEDIUM

Key Information:

Vendor

Tekrom Technology

Status
T-soft E-commerce
Vendor
CVE Published:
24 February 2025

What is CVE-2025-0545?

The vulnerability in Tekrom Technology's T-Soft E-Commerce results from improper handling of input during web page generation, leading to Cross-Site Scripting (XSS). Attackers can exploit this flaw to inject malicious scripts into web pages viewed by users. This can potentially allow unauthorized access to sensitive user data or session hijacking, thereby compromising the integrity of the web application. Affected versions include all T-Soft E-Commerce releases prior to v5.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

T-Soft E-Commerce 0

References

https://www.usom.gov.tr/bildirim/tr-25-0041

CVSS V3.1

Score:
4.7
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Berat ARSLAN
JSON
.