
CVE-2025-34141: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in ETQ Reliance CG (legacy)

Severity: Medium
Published: Tue Jul 22 2025 (07/22/2025, 12:35:57 UTC)
Source: CVE Database V5
Vendor/Project: ETQ
Product: Reliance CG (legacy)

Description

A reflected cross-site scripting (XSS) vulnerability exists in the ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The affected servlet was unnecessarily exposed to authenticated users and has since been disabled in version SE.2025.1.

AI-Powered Analysis

Last updated: 11/04/2025, 22:37:13 UTC

Technical Analysis

CVE-2025-34141 is a reflected cross-site scripting (XSS) vulnerability in the legacy ETQ Reliance CG platform, specifically in the `SQLConverterServlet` component. It stems from improper neutralization of user-supplied input during web page generation, classified under CWE-79 and CWE-116. An attacker can craft a malicious URL that, when clicked by an authenticated user, causes the servlet to reflect attacker-supplied script back to the user's browser, where it executes in the user's security context. This can result in session hijacking, credential theft, or unauthorized actions performed on behalf of the user. The vulnerability does not require any privileges or authentication beyond normal user access, but does require user interaction (clicking a malicious link). The affected servlet was unnecessarily exposed to authenticated users, increasing the attack surface. The vendor has addressed this by disabling the vulnerable servlet in version SE.2025.1. The CVSS 4.0 base score of 5.1 indicates medium severity, with network attack vector, low attack complexity, no privileges required, user interaction required, and limited scope impact. No public exploits have been reported to date, but the vulnerability remains a risk for organizations using legacy versions of ETQ Reliance CG that have not applied the mitigation.

Potential Impact

For European organizations using the legacy ETQ Reliance CG platform, this vulnerability poses a risk of unauthorized script execution within authenticated user sessions. Potential impacts include theft of session tokens, unauthorized actions performed on behalf of users, and exposure of sensitive information accessible through the application. This can lead to data breaches, compliance violations (e.g., GDPR), and operational disruptions. Since the vulnerability requires user interaction, targeted phishing or social engineering campaigns could be used to exploit it. Organizations in regulated sectors such as manufacturing, pharmaceuticals, or quality management—where ETQ Reliance CG is commonly deployed—may face heightened risk. The exposure of the vulnerable servlet to authenticated users increases the attack surface, making internal threat actors or compromised users potential vectors. Although no known exploits are currently in the wild, the medium severity and ease of exploitation warrant prompt remediation to prevent future attacks.

Mitigation Recommendations

European organizations should immediately verify if they are running legacy versions of ETQ Reliance CG with the SQLConverterServlet component enabled. The primary mitigation is to upgrade to version SE.2025.1 or later, where the vulnerable servlet has been disabled. If upgrading is not immediately feasible, organizations should disable or restrict access to the SQLConverterServlet component to prevent exploitation. Implement strict input validation and output encoding on all user-supplied data to prevent reflected XSS. Employ Content Security Policy (CSP) headers to limit the impact of any injected scripts. Conduct user awareness training to reduce the risk of phishing or social engineering attacks that could trigger the vulnerability. Monitor web application logs for suspicious requests targeting the vulnerable servlet. Finally, integrate this vulnerability into vulnerability management and patching workflows to ensure timely remediation.
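One way to carry out the log-monitoring step above, as an added example (not code from ETQ or from this page): it triages web access logs for requests that reach the servlet and raises the priority when the decoded query string carries markup. Only the servlet name comes from the advisory; the Combined Log Format, the `/reliance/` path prefix, the `q` parameter and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Servlet name is from the advisory; matching is case-insensitive on the path.
SERVLET = "sqlconverterservlet"
# Markup indicators in a reflected value. The servlet is disabled in SE.2025.1,
# so any hit deserves review; a markup match only raises the priority.
MARKUP = re.compile(r"[<>]|javascript:", re.I)
# Assumed Combined Log Format: host ident user [time] "METHOD target PROTO" status ...
LINE = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (e.g. %253C) so encoded markup is visible."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan(lines):
    """Yield (host, user, time, reason) for each request that reaches the servlet."""
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not an access-log line in the assumed format
        host, user, when, _method, target, _status = m.groups()
        parts = urlsplit(target)
        if SERVLET not in fully_decode(parts.path).lower():
            continue
        query = fully_decode(parts.query)
        reason = "markup-in-query" if MARKUP.search(query) else "servlet-access"
        yield host, user, when, reason

# Constructed sample lines (hypothetical path prefix and parameter name).
SAMPLE = [
    '10.0.0.5 - alice [22/Jul/2025:13:01:02 +0000] "GET /reliance/home HTTP/1.1" 200 5120',
    '10.0.0.7 - bob [22/Jul/2025:13:04:10 +0000] "GET /reliance/SQLConverterServlet?q=select+1 HTTP/1.1" 200 812',
    '10.0.0.9 - carol [22/Jul/2025:13:09:44 +0000] "GET /reliance/SQLConverterServlet?q=%253Cscript%253E HTTP/1.1" 200 840',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(*hit, sep="\t")
```

The authenticated user in each hit identifies whose session to review, since the issue is only reachable by logged-in users.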


Technical Details

Data Version: 5.1
Assigner Short Name: VulnCheck
Date Reserved: 2025-04-15T19:15:22.563Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 687f881fa83201eaac1c0ebe

Added to database: 7/22/2025, 12:46:23 PM

Last enriched: 11/4/2025, 10:37:13 PM

Last updated: 12/3/2025, 7:24:39 AM
