Security Advisory

CVE-2025-59752

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-02 14:25:11

Last updated 2025-10-02 15:45:11

Assigner INCIBE

State PUBLISHED

Description

Cross-site scripting (XSS) vulnerability reflected in AndSofts e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victims browser by sending them a malicious URL. The relationship between parameter and assigned identifier is l, demo, demo2, TNTLOGIN, UO and SuppConn parameters in /clt/LOGINFRM_LXA.ASP.

← Browse all CVEs View on cve.org ↗