Stored XSS in Proliz Software’s OBS_CVE-2025-10467

8.9 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PROLIZ Computer Software Hardware Service Trade Ltd. Co. OBS (Student Affairs Information System) allows Stored XSS.This issue affects OBS (Student Affairs Information System): before v25.0401.

Basic Information

ID CVE-2025-10467

Source TR-CERT

Published Sep 25, 2025 at 13:30

Affected Product

Vendor PROLIZ Computer Software Hardware Service Trade Ltd. Co.

Product OBS (Student Affairs Information System)

Affected Versions PROLIZ Computer Software Hardware Service Trade Ltd. Co. OBS (Student Affairs Information System) 0

CWE Classification

CWE-79

References

www.usom.gov.tr /bildirim/tr-25-0298

{
    "lastseen": "",
    "description": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PROLIZ Computer Software Hardware Service Trade Ltd. Co. OBS (Student Affairs Information System) allows Stored XSS.This issue affects OBS (Student Affairs Information System): before v25.0401.",
    "published": "2025-09-25T13:30:04.076Z",
    "modified": "2025-09-25T13:30:04.076Z",
    "type": "cve",
    "title": "Stored XSS in Proliz Software's OBS",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-25-0298",
    "id": "CVE-2025-10467",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "PROLIZ Computer Software Hardware Service Trade Ltd. Co. OBS (Student Affairs Information System) 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.9,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "OBS (Student Affairs Information System)",
    "version": "0",
    "vendor": "PROLIZ Computer Software Hardware Service Trade Ltd. Co.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}