PT-2025-17372 · Verisay Communication Information Technology Industry Trade · Titarus

Berat Arslan

Published

2025-04-19

Updated

2026-01-19

CVE-2025-2405

CVSS v3.1

7.6

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

Name of the Vulnerable Software and Affected Versions Verisay Communication and Information Technology Industry and Trade Ltd. Co. Titarus versions prior to 2.144.4

Description The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Cross-Site Scripting (XSS). This means that malicious scripts can be injected into web pages, potentially compromising user data or system security. The issue affects the Titarus product.

Recommendations Update to version 2.144.4 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-2405

Affected Products

Titarus

CVE-2025-2405

Weakness Enumeration

Related Identifiers

Affected Products

References · 9