Reflected Cross-Site Scripting Vulnerability in OBS by Proliz Software Ltd.
CVE-2025-10914

7.6HIGH

Key Information:

Vendor: Proliz Software Ltd. Co.
Status: Obs (student Affairs Information System)
Vendor: CVE Published:; 23 October 2025

🔔 Create Proliz Software Ltd. Co. Vulnerability Alert

What is CVE-2025-10914?

A vulnerability exists in Proliz Software Ltd.'s OBS (Student Affairs Information System), which allows for reflected cross-site scripting (XSS) attacks. This issue enables attackers to inject malicious scripts into web pages that are returned to users, potentially compromising sensitive information or executing unauthorized actions in the context of the victim's browser. This vulnerability affects all versions prior to V26.0401, highlighting the importance of prompt updates and adherence to best security practices to mitigate risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

OBS (Student Affairs Information System) 0

References

https://www.usom.gov.tr/bildirim/tr-25-0357

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 23, 2025
Vulnerability Reserved
Sep 24, 2025

Credit

Akıner KISA

JSON

Proliz Software Ltd. Co.