Primary

Context

Mevzuattr Software MevzuatTR Cross-Site Scripting Vulnerability Allowing Phishing and Clickjacking

Vulnerability

A cross-site scripting vulnerability has been identified in Mevzuattr Software's MevzuatTR product, affecting versions prior to 12.02.2025. This vulnerability allows for improper neutralization of input during web page generation, leading to potential phishing attacks, iFrame overlays, clickjacking, and forceful browsing. The issue requires high privileges to exploit.

Impact

Exploitation of this vulnerability could enable phishing attacks, iFrame overlays, clickjacking, and forceful browsing.

Remediation

Users and system administrators are advised to review documentation and upgrade to versions released on or after 12.02.2025.

Added: Sep 17, 2025, 12:21 PM

Updated: Sep 17, 2025, 2:36 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.5

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.5

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mevzuattr Software MevzuatTR Cross-Site Scripting Vulnerability Allowing Phishing and Clickjacking

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating