CVE-2025-2865

Name of the Vulnerable Software and Affected Versions SaTECH BCU version 2.1.3

Description The issue allows XSS attacks and other malicious resources to be stored on the web server. An attacker with some knowledge of the web application could send a malicious request to the victim users, causing them to interpret the code stored on another malicious website owned by the attacker.

Recommendations For SaTECH BCU version 2.1.3, consider restricting access to the web server to minimize the risk of exploitation. As a temporary workaround, avoid using the web application until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.