CVE-2025-13127

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TAC Information Services Internal and External Trade Inc. GoldenHorn allows Cross-Site Scripting (XSS). This issue affects GoldenHorn: before 4.25.1121.1.

low 3.5 CVSS 3.1

Published: Dec 10, 2025

Modified: Jun 4, 2026

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TAC Information Services Internal and External Trade Inc. GoldenHorn allows Cross-Site Scripting (XSS).

This issue affects GoldenHorn: before 4.25.1121.1.

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0441
https://www.usom.gov.tr/bildirim/tr-25-0441

Version	3.1
Score	3.5 / 10
Severity	low