CVE-2025-61427

Name of the Vulnerable Software and Affected Versions BEO GmbH BEO Atlas Einfuhr Ausfuhr version 3.0

Description A reflected cross-site scripting (XSS) issue exists in BEO GmbH BEO Atlas Einfuhr Ausfuhr 3.0. This allows attackers to execute arbitrary code within a user’s browser. Exploitation occurs by injecting a malicious payload into the userid and password parameters. The API endpoint is not explicitly mentioned.

Recommendations Apply any available updates or patches for BEO GmbH BEO Atlas Einfuhr Ausfuhr version 3.0. Sanitize user-supplied input for the userid and password parameters to prevent the injection of malicious scripts. Implement appropriate output encoding to neutralize any potentially harmful characters in the reflected output. At the moment, there is no information about a newer version that contains a fix for this vulnerability.