CVE-2025-2597 Information

Description

Reflected Cross-Site Scripting (XSS) in ITIUM 6050 version 5.5.5.2-b3526 from Impact Technologies. This vulnerability could allow an attacker to execute malicious Javascript code via GET and POST requests to the ‘/index.php’ endpoint and injecting code into the ‘id_session.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-vulnerability-itium-6050