| ID | CVE-2025-66574 | ||||||
| Sažetak | TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the `Open Object in Tree` endpoint, allowing attackers to steal session cookies and potentially escalate privileges. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | None | ||||||
| Zadnje važnije ažuriranje | 04-12-2025 - 21:16 | ||||||
| Objavljeno | 04-12-2025 - 21:16 |
