The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.
References
History

Wed, 02 Jul 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 01 Jul 2025 18:00:00 +0000

Type Values Removed Values Added
Description The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.
Title CONPROSYS HMI System (CHS) < 3.7.7 Reflected Cross-Site Scripting
Weaknesses CWE-79
References
Metrics cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2025-07-01T17:51:53.979Z

Updated: 2025-07-01T18:47:23.334Z

Reserved: 2025-04-15T19:15:22.550Z

Link: CVE-2025-34080

cve-icon Vulnrichment

Updated: 2025-07-01T18:47:18.943Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-01T18:15:24.487

Modified: 2025-07-03T15:14:12.767

Link: CVE-2025-34080

cve-icon Redhat

No data.