Cross-site Scripting Vulnerability in SicommNet BASEC
CVE-2025-22373

8.7HIGH

Key Information:

Vendor

Sicommnet

Status
Basec
Vendor
CVE Published:
14 April 2025

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2025-22373?

This vulnerability allows attackers to exploit improper input handling during web page generation, leading to Reflected Cross-site Scripting (XSS). With this flaw in SicommNet BASEC, malicious code can be executed via HTTP query strings, rendering arbitrary HTML and altering CSS styles on user browsers. This raises significant concerns for web application security, enabling potential data theft or session hijacking.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

BASEC SaaS 14 Dec 2021

References

https://basec.sicomm.net/login/
product
https://csirt.divd.nl/DIVD-2025-00001
third-party-advisory
https://csirt.divd.nl/CVE-2025-22373
third-party-advisory

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Jesse Meijer (DIVD)
Frank Breedijk (DIVD)
JSON
.