CVE-2025-14347

Name of the Vulnerable Software and Affected Versions Proliz Software Ltd. OBS (Student Affairs Information System) versions prior to 26.5009

Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-site Scripting (XSS) condition. This allows for the execution of malicious scripts within the context of a user's browser. The vulnerability exists in the way the application handles user-supplied data when constructing web pages. The vulnerable component is susceptible to injection of malicious code through crafted input.

Recommendations Update to version 26.5009 or later.