Reflected Cross-Site Scripting (XSS) in IDI Eikon's Governalia. The vulnerability allows an attacker to execute JavaScript code in the victim's browser when a malicious URL with the 'q' parameter in '/search' is sent to them. This vulnerability can be exploited to steal sensitive information such as session cookies or to perform actions on behalf of the victim.
CVE-2025-40700: Reflected Cross-Site Scripting (XSS) in IDI Eikon's Governalia. The vulnerability allows an attacker to execute JavaScr…
CVE-2025-40700: Reflected XSS in IDI Eikon's Governalia allows attackers to execute JavaScript via malicious URLs with the 'q' parameter in '/search'.