Medium severityNVD Advisory· Published Jul 22, 2025· Updated Apr 15, 2026

CVE-2025-34141

Description

A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the SQLConverterServlet component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The affected servlet was unnecessarily exposed to authenticated users and has since been disabled in version SE.2025.1.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

slcyber.io/assetnote-security-research-center/how-we-accidentally-discovered-a-remote-code-execution-vulnerability-in-etq-reliance/nvd
www.etq.com/blog/etq-reliance-security-update/nvd
www.etq.com/product-overview/nvd
www.vulncheck.com/advisories/etq-reliance-cg-reflected-xss-in-sqlconverterservletnvd

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000