CVE 9.8 CRITICAL

XSS in Tegsoft’s Online Support Application_CVE-2025-14320

May 4, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS.

This issue affects Online Support Application: from V3 through 31122025.

AI Analysis

Reflected XSS vulnerability in Tegsoft's Online Support Application due to improper neutralization of input during web page generation

Basic Information

ID CVE-2025-14320

Source TR-CERT

Published May 4, 2026 at 07:41

Affected Product

Vendor Tegsoft Management and Information Services Trade Limited Company

Product Online Support Application

Version V3

Affected Versions Tegsoft Management and Information Services Trade Limited Company Online Support Application V3

CWE Classification

CWE-79

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Tegsoft Management and Information Services Trade Limited Company

Product Online Support Application

Version V3

References

www.usom.gov.tr /bildirim/tr-26-0142

{
    "lastseen": "",
    "description": "Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS.\n\nThis issue affects Online Support Application: from V3 through 31122025.",
    "published": "2026-05-04T07:41:35.813Z",
    "modified": "2026-05-04T07:41:35.813Z",
    "type": "cve",
    "title": "XSS in Tegsoft's Online Support Application",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-26-0142",
    "id": "CVE-2025-14320",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "Tegsoft Management and Information Services Trade Limited Company Online Support Application V3",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Online Support Application",
    "version": "V3",
    "vendor": "Tegsoft Management and Information Services Trade Limited Company",
    "ai_description": "Reflected XSS vulnerability in Tegsoft's Online Support Application due to improper neutralization of input during web page generation",
    "ai_severity": "Critical",
    "ai_vendor": "Tegsoft Management and Information Services Trade Limited Company",
    "ai_product": "Online Support Application",
    "ai_version": "V3",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply