Filtered by vendor Compassplustechnologies Subscriptions
Filtered by product Tranzaxis Subscriptions

Search

Switch to Advanced Search (Beta)
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-66574 2 Compassplus, Compassplustechnologies 2 Tranzaxis, Tranzaxis 2025-12-19 5.4 Medium
TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the `Open Object in Tree` endpoint, allowing attackers to steal session cookies and potentially escalate privileges.