Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited …

A cross-site scripting (XSS) vulnerability has been identified in Tegsoft Management and Information Services Trade Limited Company's Online Support Application. The vulnerability is caused by improper neutralization of input during web page generation, allowing for reflected XSS attacks. This security flaw affects Online Support Application versions from V3 through 31122025. The vulnerability enables attackers to inject malicious scripts that execute in users' browsers when they interact with the affected application. This type of vulnerability can lead to session hijacking, credential theft, and other malicious activities targeting users of the application.