Cross-Site Scripting Vulnerability in IT's Workif by Isin Basi Advertisement Information Technologies
CVE-2025-0876

4.1MEDIUM

Key Information:

Vendor: Isin Basi Advertisement Information Technologies Trade Inc.
Status: It's Workif
Vendor: CVE Published:; 3 October 2025

🔔 Create Isin Basi Advertisement Information Technologies Trade Inc. Vulnerability Alert

What is CVE-2025-0876?

An improper neutralization of input during web page generation has been discovered in IT's Workif, enabling attackers to perform Cross-Site Scripting (XSS) attacks. This vulnerability allows users to execute arbitrary scripts in the context of a victim's browser, potentially leading to unauthorized actions or data theft. Affected users are encouraged to update their software promptly to mitigate risks associated with this flaw.

Affected Version(s)

IT's Workif 0 <= 20251003

References

https://www.usom.gov.tr/bildirim/tr-25-0312

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 3, 2025
Vulnerability Reserved
Jan 30, 2025

Credit

Berat ARSLAN

JSON