CVE-2025-4512

Name of the Vulnerable Software and Affected Versions Inetum IODAS versions 7.2-LTS.4.1-JDK7/7.2-RC3.2-JDK7

Description A problematic issue has been discovered, affecting an unknown function of the file /astre/iodasweb/app.jsp. The manipulation of the action argument leads to cross-site scripting. This issue can be exploited remotely. The exploit has been publicly disclosed.

Recommendations For Inetum IODAS versions 7.2-LTS.4.1-JDK7/7.2-RC3.2-JDK7, as a temporary workaround, consider restricting access to the /astre/iodasweb/app.jsp file to minimize the risk of exploitation. Avoid using the action argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.