CNNVD-202510-4370 Information

CNNVD ID

CNNVD-202510-4370

Related CVE

CVE-2025-61427

• CNNVD Published: 2025-10-31

Description (Chinese)

BEO Atlas Einfuhr Ausfuhr是德国BEO公司的一套进出口报关自动化的软件系统。 BEO Atlas Einfuhr Ausfuhr 3.0版本存在安全漏洞，该漏洞源于对userid和password参数的特制输入处理不当，可能导致反射型跨站脚本攻击。

Description (English)

BEO Atlas Einfuhr Ausfuhr is an automated software system for import and export clearance for BeO Germany. BEO Atlas Einfuhr Ausfuhr 3.0 has a security loophole, which stems from the inappropriate handling of custom-made inputs to the userid and password parameters, which may result in a reflector-type cross-script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

BEO

Published

2025-10-31

Last Modified

2026-02-24

References

https://ttz-wue.fiw.thws.de/blog/index.php/2025/10/31/ttz-wue-entdeckt-neue-schwachstelle-reflected-cross-site-scripting-xss-in-beo-gmbh-beo-atlas-einfuhr-ausfuhr-3-0/ https://access.redhat.com/security/cve/cve-2025-61427