Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.3
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Key Software Solutions Inc. INFOREX- General Information Management System allows XSS Th...
CVE-2025-8308
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Key Software Solutions Inc. INFOREX- General Information Management System allows XSS Through HTTP Headers.This issue affects INFOREX- General Information Management System: from 2025 and bef...
Original title
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Key Software Solutions Inc. INFOREX- General Information Management System allows XSS Th...
Original description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Key Software Solutions Inc. INFOREX- General Information Management System allows XSS Through HTTP Headers.This issue affects INFOREX- General Information Management System: from 2025 and before through 18022026.
NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS3.1
6.3
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 18 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026