Filtered by vendor Compassplustechnologies
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-66574 | 1 Compassplustechnologies | 1 Tranzaxis | 2025-12-19 | N/A | 5.4 MEDIUM |
| TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the `Open Object in Tree` endpoint, allowing attackers to steal session cookies and potentially escalate privileges. | |||||