CVE-2025-59767

6.1 MEDIUM

📋 TL;DR

This reflected cross-site scripting (XSS) vulnerability in AndSoft's e-TMS allows attackers to inject malicious JavaScript via specially crafted URLs in which any of the l, demo, demo2, TNTLOGIN, UO or SuppConn parameters carries the payload. When a victim opens such a link, the attacker's JavaScript runs in the victim's browser session. Organizations using AndSoft e-TMS v25.03 are affected.

💻 Affected Systems

Products:
  • AndSoft e-TMS
Versions: v25.03
Operating Systems: Windows (ASP-based application)
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the default installation of e-TMS v25.03 at the '/clt/LOGINFRM_LVE.ASP' endpoint.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, perform actions as authenticated users, redirect to malicious sites, or install malware on victim systems.

🟠 Likely Case

Session hijacking, credential theft, or defacement of the application interface through injected content.

🟢 If Mitigated

Limited impact if input validation and output encoding are properly implemented, though some user interface manipulation may still occur.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Reflected XSS vulnerabilities are commonly exploited with simple malicious URLs that don't require authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.incibe.es/en/incibe-cert/notices/aviso/update-24092025-multiple-vulnerabilities-andsofts-e-tms

Restart Required: No

Instructions:

1. Monitor AndSoft for security updates.
2. Apply any available patches immediately.
3. Test in a non-production environment first.

🔧 Temporary Workarounds

Web Application Firewall (WAF) Rules (platform: all)

Implement WAF rules to block malicious XSS payloads targeting the vulnerable parameters.

# WAF-specific rules vary by vendor

Input Validation Filter (platform: windows)

Add server-side validation to sanitize the vulnerable parameters before processing.

# Implementation depends on ASP application code

🧯 If You Can't Patch

  • Implement Content Security Policy (CSP) headers to restrict script execution
  • Deploy network segmentation to limit access to vulnerable systems

🔍 How to Verify

Check if Vulnerable:

Test by injecting a harmless payload such as <script>alert('test')</script> into each of the vulnerable parameters via the URL.

Check Version:

Check application version in web interface or configuration files

Verify Fix Applied:

Retest with the same payloads after applying fixes; a successful fix shows the payload HTML-encoded in the response rather than executing it as script.
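The two checks above (is the reflected payload encoded, and does a CSP restrict inline script as the "If You Can't Patch" section suggests) can be scripted against a captured response. The following is an added example, not part of the advisory or of AndSoft's product; the response bodies and headers it uses are constructed, and it assumes the probe is the harmless <script>alert('test')</script> string named above.

```python
"""Offline check of how a captured e-TMS login-page response handles a
reflected probe. Added example, not from the advisory or the vendor; the
sample bodies and headers below are constructed to show the three outcomes."""
import html

# The harmless probe the advisory names; the vulnerable parameters
# (l, demo, demo2, TNTLOGIN, UO, SuppConn) on /clt/LOGINFRM_LVE.ASP reflect it.
PROBE = "<script>alert('test')</script>"


def classify_reflection(body, probe=PROBE):
    """Classify how the probe came back in the response body.

    'raw'     -> probe appears verbatim: output encoding is missing
    'encoded' -> probe appears only after HTML entities are decoded: fix works
    'absent'  -> the parameter is no longer reflected at all
    Raw reflection is the signal regardless of where in the markup it lands.
    """
    if probe in body:
        return "raw"
    if probe in html.unescape(body):   # handles &lt; / &#60; / &#x3c; alike
        return "encoded"
    return "absent"


def csp_blocks_inline_script(headers):
    """True if a Content-Security-Policy header is present and its script-src
    (falling back to default-src) does not allow 'unsafe-inline'.
    Header names are compared case-insensitively."""
    csp = next((v for k, v in headers.items()
                if k.lower() == "content-security-policy"), None)
    if not csp:
        return False
    directives = {}
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts:
            directives[parts[0].lower()] = [p.strip("'").lower() for p in parts[1:]]
    sources = directives.get("script-src", directives.get("default-src"))
    if sources is None:
        return False            # CSP present but no script restriction at all
    return "unsafe-inline" not in sources


def verify(body, headers):
    """Summarise the state of the endpoint from one captured response."""
    return {"reflection": classify_reflection(body),
            "csp_mitigates": csp_blocks_inline_script(headers)}


# Constructed sample responses (not real e-TMS output).
VULNERABLE_BODY = '<input name="l" value="' + PROBE + '">'
FIXED_BODY = ('<input name="l" value="&lt;script&gt;alert(&#39;test&#39;)'
              '&lt;/script&gt;">')
NO_CSP = {"Content-Type": "text/html"}
STRICT_CSP = {"Content-Type": "text/html",
              "Content-Security-Policy": "default-src 'self'; script-src 'self'"}
WEAK_CSP = {"content-security-policy": "default-src 'self' 'unsafe-inline'"}

if __name__ == "__main__":
    print("before fix:", verify(VULNERABLE_BODY, NO_CSP))
    print("after fix: ", verify(FIXED_BODY, STRICT_CSP))
```

Run the same check once per vulnerable parameter; a result of "raw" for any of them, or csp_mitigates False, means the mitigation is incomplete.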

📡 Detection & Monitoring

Log Indicators:

  • Unusual parameter values containing script tags or JavaScript in access logs
  • Multiple failed login attempts with malicious payloads

Network Indicators:

  • HTTP requests with suspicious parameters containing script tags or encoded payloads

SIEM Query:

web.url:*LOGINFRM_LVE.ASP* AND (web.param:*<script* OR web.param:*javascript:* OR web.param:*onerror=*)
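The SIEM query above matches literal script tags, but attackers commonly URL-encode (sometimes double-encode) the payload, which a substring match on the raw URL misses. The following added example, not part of the advisory or of any SIEM product, applies the same three patterns to web-server access logs after decoding the query string, and only flags the six parameters the advisory names on the vulnerable endpoint. The Common Log Format layout and the sample lines are constructed.

```python
"""Scan access-log lines for reflected-XSS attempts against the e-TMS login
endpoint. Added example; log format and sample lines are constructed."""
import re
from urllib.parse import urlsplit, parse_qs, unquote

ENDPOINT = "/clt/LOGINFRM_LVE.ASP"
# Parameter names the advisory lists as reflected without encoding.
VULN_PARAMS = {"l", "demo", "demo2", "tntlogin", "uo", "suppconn"}
# The SIEM query's three patterns, generalised to any on*= event handler.
# Heuristic: '\bon\w+\s*=' can still match odd parameter values; tune as needed.
XSS_PATTERNS = re.compile(r"<\s*script|javascript\s*:|\bon\w+\s*=", re.IGNORECASE)

# Assumed Common Log Format: ip - - [ts] "METHOD target HTTP/x" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})')


def decode_fully(value, rounds=3):
    """URL-decode repeatedly so double-encoded payloads (%253C) are caught."""
    for _ in range(rounds):
        new = unquote(value)
        if new == value:
            break
        value = new
    return value


def inspect_line(line):
    """Return a finding dict for a suspicious request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if parts.path.lower() != ENDPOINT.lower():
        return None
    hits = []
    # parse_qs already decodes one layer; decode_fully handles the rest.
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if name.lower() not in VULN_PARAMS:
            continue
        for v in values:
            decoded = decode_fully(v)
            if XSS_PATTERNS.search(decoded):
                hits.append((name, decoded))
    if not hits:
        return None
    return {"ip": m.group("ip"), "ts": m.group("ts"), "hits": hits}


def scan(lines):
    """Run inspect_line over every line and keep the findings."""
    return [r for r in (inspect_line(line) for line in lines) if r]


# Constructed sample log lines: one benign, two encoded attempts, one off-target.
SAMPLE_LOG = [
    '203.0.113.5 - - [24/Sep/2025:10:01:02 +0200] "GET /clt/LOGINFRM_LVE.ASP?l=es&UO=1 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [24/Sep/2025:10:02:15 +0200] "GET /clt/LOGINFRM_LVE.ASP?l=%3Cscript%3Ealert(\'test\')%3C/script%3E HTTP/1.1" 200 5300',
    '203.0.113.9 - - [24/Sep/2025:10:03:40 +0200] "GET /clt/LOGINFRM_LVE.ASP?SuppConn=%2522%2520onerror%253Dalert(\'test\') HTTP/1.1" 200 5301',
    '203.0.113.11 - - [24/Sep/2025:10:04:01 +0200] "GET /clt/other.asp?q=%3Cscript%3E HTTP/1.1" 404 310',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The third sample line shows why decoding matters: the raw URL contains neither "<script" nor "onerror=", so the SIEM query as written would not fire, yet after two decode rounds the value is a clear event-handler injection attempt. Pair this with alerting on bursts of such requests from one source, which fits the "multiple failed login attempts with malicious payloads" indicator above.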
