Back to search
CVE-2025-40720
Published: Jul 8, 2025
Modified: Jul 10, 2025
PUBLISHED
Description
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the campo parameter in /<Client>FacturaE/VerFacturaPDF.
| Vendor | Product | Versions |
|---|---|---|
Quiter | Quiter Gateway (Java WAR on Apache Tomcat) | affected 0 - < 4.7.0 |
Weaknesses (CWE)
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now