Cross-Site Scripting Vulnerability in AndSoft e-TMS
CVE-2025-59755

6.9 MEDIUM

Key Information:

Vendor: AndSoft

Status
Vendor
CVE Published: 2 October 2025

What is CVE-2025-59755?

AndSoft's e-TMS v25.03 contains a Cross-Site Scripting (XSS) vulnerability that allows an attacker to execute arbitrary JavaScript code in the browsers of unsuspecting users. The attacker crafts a malicious URL containing harmful scripts; when the victim opens it, the scripts run in the victim's browser, bypassing browser security mechanisms. The attack targets specific parameters such as 'l', 'demo', 'demo2', 'TNTLOGIN', 'UO', and 'SuppConn', ultimately compromising user data and potentially leading to further attacks.

Affected Version(s)

e-TMS v25.03

References

CVSS V4

Score: 6.9
Severity: MEDIUM
Confidentiality: Low
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Maximilian Hildebrand (m10x.de)