Tranzaxis

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-66574 MEDIUM POC This Month

TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the `Open Object in Tree` endpoint, allowing attackers to steal session cookies and potentially escalate privileges.

XSS Tranzaxis

NVD Exploit-DB

CVSS 3.1

5.4

EPSS

0.0%

CVE-2025-66574

EPSS 0% CVSS 5.4

MEDIUM POC This Month

TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the `Open Object in Tree` endpoint, allowing attackers to steal session cookies and potentially escalate privileges.

XSS Tranzaxis

NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy