CVE-2025-22373

Name of the Vulnerable Software and Affected Versions: SicommNet BASEC versions from 14 Dec 2021

Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Reflected XSS, XSS Through HTTP Query Strings, Rendering of Arbitrary HTML, and alteration of CSS Styles.

Recommendations: For versions from 14 Dec 2021, as a temporary workaround, consider restricting user input in web page generation to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.