Vulnerability Details CVE-2025-59767
Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_LVE.ASP'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.0%
CVSS Severity
CVSS v3 Score 6.1