QwikSec

Security Database

CVE

CWE

Training

CVE-2025-22373

Published: Apr 14, 2025

Modified: Apr 15, 2025

PUBLISHED

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SicommNet BASEC on SaaS allows Reflected XSS, XSS Through HTTP Query Strings, Rendering of Arbitrary HTML and alternation of CSS Styles This issue affects BASEC: from 14 Dec 2021.

Vendor	Product	Versions
SicommNet	BASEC	affected `14 Dec 2021 - <= *`

Weaknesses (CWE)

References

https://basec.sicomm.net/login/

product

https://csirt.divd.nl/DIVD-2025-00001

third-party-advisory

https://csirt.divd.nl/CVE-2025-22373

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.