XSS Vulnerability in Proliz Software Ltd. OBS (Student Affairs Information System)
CVE-2025-14347

6.3MEDIUM

Key Information:

Vendor

Proliz Software Ltd.

Status
Obs (student Affairs Information System)0
Vendor
CVE Published:
17 December 2025

What is CVE-2025-14347?

A security issue exists in Proliz Software Ltd. OBS (Student Affairs Information System) versions prior to 26.5009, which can lead to Reflected Cross-site Scripting (XSS). This vulnerability arises from improper neutralization of input while generating web pages, allowing attackers to inject malicious scripts that can be executed in the context of a user's browser. Such attacks can compromise sensitive user information and reduce the overall security posture of affected organizations.

Affected Version(s)

OBS (Student Affairs Information System)0 0 < 26.5009

References

https://www.usom.gov.tr/bildirim/tr-25-0463

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Akıner KISA
JSON
.
CVE-2025-14347 : XSS Vulnerability in Proliz Software Ltd. OBS (Student Affairs Information System)