Part of Lyceum Intelligence — deep-research In Focus reports → · Lyceum Corpus — ask the documents →

Full-text search across 381 articles. Typo-tolerant.

Lyceum News Desk ·

CVE-2025-14320 -- CVSS 9.8 Vulnerability Briefing

CVE-2025-14320 | CVSS 9.8 (Critical) | Exploit: No known exploit

What Is It

CVE-2025-14320 is a cross-site scripting (XSS) vulnerability in the Online Support Application developed by Tegsoft Management and Information Services Trade Limited Company, a web-based customer support platform.

Technical Detail

The flaw stems from improper neutralization of user-supplied input during web page generation, a classic reflected or stored XSS condition depending on the injection point within the application. An attacker can craft malicious input that is rendered as executable script content in a victim's browser session, potentially enabling session hijacking, credential theft, or unauthorized actions performed on behalf of the authenticated user. The CVSS score of 9.8 suggests the vulnerability is remotely exploitable with no authentication required and minimal user interaction, which is atypical for standard XSS and may indicate the flaw has broader impact than a conventional client-side injection, possibly affecting server-side rendering logic or administrative interfaces.

Exploitation Status

No known exploit code has been identified for this vulnerability as of the time of publication. The exploit maturity is rated at the lowest tier, indicating no public proof-of-concept, no weaponized tooling, and no confirmed exploitation activity. This vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.

Who Is Targeting This

No specific threat actor attribution at this time. No campaigns, targeted sectors, or adversary groups have been linked to exploitation of this vulnerability in available intelligence sources.

What To Do

Organizations using the Tegsoft Online Support Application should contact the vendor immediately to obtain a patched version or security advisory, as no specific patch version is confirmed in current public disclosures. In the interim, restrict access to the application to trusted networks or authenticated users where operationally feasible, and implement a web application firewall with XSS filtering rules as a compensating control. Security teams should review application logs for anomalous script injection patterns in input fields and monitor for unexpected session activity or privilege changes originating from the support application. Given the critical CVSS rating, patching should be treated as high priority even in the absence of confirmed active exploitation.

In Focus
All analysis →

Deep-research intelligence reports from Lyceum Intelligence — structured assessments with sourced claims and calibrated conclusions.

Browse Intelligence Reports →