Reflected XSS Vulnerability in ETQ Reliance CG Platform
CVE-2025-34141

5.1MEDIUM

Key Information:

Vendor

Etq

Status
Reliance Cg (legacy)
Vendor
CVE Published:
22 July 2025

What is CVE-2025-34141?

A reflected cross-site scripting (XSS) vulnerability has been identified in the ETQ Reliance CG legacy platform, specifically within the SQLConverterServlet component. This security flaw enables an attacker to execute unauthorized scripts within the user's browser context, requiring user interaction to exploit, such as clicking on a specially crafted link. The vulnerability's impact is exacerbated by the servlet being unnecessarily exposed to authenticated users, which has led to it being disabled in version SE.2025.1. Users are advised to upgrade to this version or later to enhance their security posture.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Reliance CG (legacy) *

References

https://www.etq.com/product-overview/
product
https://www.etq.com/blog/etq-reliance-security-update/
vendor-advisorypatch
https://slcyber.io/assetnote-security-research-center/how...
technical-description

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Adam Kues and Shubham Shah of Assetnote
JSON
.