CVE-2025-1301

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yordam Informatics Library Automation System allows Reflected XSS. This issue affects Library Automation System: before 21.6.

medium 6.1 CVSS 3.1
Published: May 2, 2025
Modified: Jun 6, 2026
Vendor: Yordam
Product: Library Automation System

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yordam Informatics Library Automation System allows Reflected XSS.

This issue affects Library Automation System: before 21.6.

References

Related CVEs

CVE-2023-4676 medium · 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yordam MedasPro allows Reflected XSS. This issue affects MedasPro: before 28.
CVE-2022-2266 medium · 6.1
University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. This has been fixed in the vers