← Zuruck zu CVEs
CVE-2025-34141
N/ABeschreibung
A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The affected servlet was unnecessarily exposed to authenticated users and has since been disabled in version SE.2025.1.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht7/22/2025
Zuletzt geandert11/4/2025
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-79CWE-116
Referenzen
https://slcyber.io/assetnote-security-research-center/how-we-accidentally-discovered-a-remote-code-execution-vulnerability-in-etq-reliance/(disclosure@vulncheck.com)
https://www.etq.com/blog/etq-reliance-security-update/(disclosure@vulncheck.com)
https://www.etq.com/product-overview/(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/etq-reliance-cg-reflected-xss-in-sqlconverterservlet(disclosure@vulncheck.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.