Reprise · Reprise License Manager · CVE-2025-25939
**Name of the Vulnerable Software and Affected Versions**
Reprise License Manager version 14.2
**Description**
The issue concerns reflected cross-site scripting. It can be exploited through the /goform/activate process API endpoint via the `akey` parameter.
**Recommendations**
For Reprise License Manager version 14.2, consider restricting access to the /goform/activate process endpoint or avoid using the `akey` parameter until a fix is available.