216.73.217.64

CVE-2025-34141

· Published 22/07/2025 13:15 · Modified 22/07/2025 13:15

Labels: CVE-2025-34141 2025-07-22CVE-2025-34141CWE-79[email protected]

Essential information

Published
22/07/2025 13:15
Modified
22/07/2025 13:15
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The affected servlet was unnecessarily exposed to authenticated users and has since been disabled in version SE.2025.1.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
etq / reliance cg cpe:2.3:a:etq:reliance_cg:*:*:*:*:*:*:*:*
etq / reliance cg cpe:2.3:a:etq:reliance_cg:SE.2025.1:*:*:*:*:*:*:*

References