CVE-2025-61427
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-31

Last updated on: 2025-11-04

Assigner: MITRE

Description
A reflected cross-site scripting (XSS) vulnerability in BEO GmbH BEO Atlas Einfuhr Ausfuhr 3.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the userid and password parameters.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-31
Last Modified
2025-11-04
Generated
2026-06-16
AI Q&A
2025-11-01
EPSS Evaluated
2026-06-14
NVD
CVE-2025-61427
EUVD
EUVD-2025-37355
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
beo_gmbh beo_atlas_einfuhr_ausfuhr 3.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-61427 is a reflected Cross-Site Scripting (XSS) vulnerability in the login component of BEO GmbH's BEO Atlas Einfuhr Ausfuhr 3.0 software. It occurs because the URL parameters 'userid' and 'password' are not properly escaped or validated before being reflected in the login page's DOM. This allows an attacker to craft a malicious URL containing JavaScript code that executes in the victim's browser when clicked. The attacker can use this to steal session cookies, manipulate the page, or load additional malicious code. The vulnerability was due to a misconfiguration that made the login page externally accessible, and it was discovered through authorized testing. A patch was released on August 19, 2025, to fix the issue. [1]

Impact Analysis

This vulnerability can impact you by allowing attackers to execute arbitrary JavaScript code in your browser when you click a specially crafted link. This can lead to theft of session cookies, unauthorized manipulation of the web page, or loading of further malicious code. Such actions can compromise your account security, lead to unauthorized access, or cause other harmful effects depending on the attacker's payload. [1]

Detection Guidance

This vulnerability can be detected by testing the login page for reflected XSS via the 'userid' and 'password' URL parameters. You can try accessing the login URL with a crafted payload such as: ?userid=\"><script>alert(1)</script>&password=anything to see if the script executes in the browser. Additionally, directory scanning and targeted penetration tests focusing on unsanitized URL parameters can help identify the issue. There are no specific commands provided, but using tools like curl or browser-based testing with the crafted URL can help detect the vulnerability. [1]

Mitigation Strategies

The immediate step to mitigate this vulnerability is to apply the patch released by BEO GmbH on August 19, 2025, which fixes the reflected XSS issue by properly escaping and validating the 'userid' and 'password' parameters. Additionally, restrict external access to the login page if it is intended for internal use only, to reduce exposure. Until the patch is applied, avoid clicking on suspicious URLs containing these parameters. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-61427. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart