CVE-2024-10539

MEDIUM 5.5

Reflected XSS in Uyumsoft's ERP

CVSS Score

5.5

EPSS Score

0.1%

EPSS Percentile

31th

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using Invalid Characters, Reflected XSS. This issue affects Uyumsoft ERP: before Erp4.2109.166p45.

CWE	CWE-79
Vendor	uyumsoft informatin systems
Product	uyumsoft erp
Published	Jan 23, 2025
Last Updated	Jun 2, 2026

Stay Ahead of the Next One

Get instant alerts for uyumsoft informatin systems uyumsoft erp

Be the first to know when new medium vulnerabilities affecting uyumsoft informatin systems uyumsoft erp are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Affected Versions

Uyumsoft Informatin Systems / Uyumsoft ERP

0 < Erp4.2109.166p45

References

NVD ↗ CVE.org ↗ EPSS Data ↗

usom.gov.tr: https://www.usom.gov.tr/bildirim/tr-25-0017 siberguvenlik.gov.tr: https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0017

Credits

Yusuf Kamil CAVUSOGLU HAVELSAN Inc.