Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2025-14320: Tegsoft Online Support App: Malicious Code Injection Risk
CVE-2025-14320
Summary
A security flaw in the Tegsoft Online Support Application could allow hackers to inject malicious code into the application, potentially stealing sensitive information or taking control of user sessions. This issue affects versions of the application released between V3 and December 31, 2022. To stay secure, update the application to the latest version or consider replacing it with a more secure alternative.
Original title
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application al...
Original description
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS.
This issue affects Online Support Application: from V3 through 31122025.
This issue affects Online Support Application: from V3 through 31122025.
nvd CVSS3.1
9.8
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 4 May 2026 · Updated: 28 May 2026 · First seen: 4 May 2026