
CVE-2025-57145: n/a

Severity: Medium
Tags: Vulnerability, CVE-2025-57145
Published: Tue Sep 16 2025 (09/16/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

A cross-site scripting (XSS) vulnerability exists in the search-autootaxi.php endpoint of the ATSMS web application. The application fails to properly sanitize user input submitted through a form field, allowing an attacker to inject arbitrary JavaScript code. The malicious payload is stored in the backend and executed when a user or administrator accesses the affected report page. This allows attackers to exfiltrate session cookies, hijack user sessions, and perform unauthorized actions in the context of the victim's browser.

AI-Powered Analysis

Last updated: 09/16/2025, 15:10:24 UTC

Technical Analysis

CVE-2025-57145 is a cross-site scripting (XSS) vulnerability identified in the ATSMS web application, specifically within the search-autootaxi.php endpoint. This vulnerability arises because the application does not properly sanitize user input submitted through a form field. As a result, an attacker can inject arbitrary JavaScript code that is stored persistently in the backend. When a user or administrator accesses the affected report page, the malicious script executes in their browser context. This persistent XSS attack vector enables attackers to exfiltrate sensitive information such as session cookies, hijack user sessions, and perform unauthorized actions on behalf of the victim within the application. The vulnerability is particularly dangerous because it leverages stored payloads, increasing the likelihood of exploitation by multiple users, including privileged administrators. Although no specific affected versions or patches have been disclosed, the vulnerability is publicly known as of September 16, 2025, and no known exploits are currently reported in the wild. The lack of a CVSS score requires an independent severity assessment based on the potential impact and exploitability factors.

Potential Impact

For European organizations using the ATSMS web application, this vulnerability poses significant risks. The ability to execute arbitrary JavaScript in the context of authenticated users can lead to session hijacking, unauthorized data access, and manipulation of application functionality. This could compromise the confidentiality and integrity of sensitive data managed by ATSMS, potentially including personal data protected under GDPR. The persistent nature of the XSS increases the attack surface, as multiple users may be exposed to the malicious payload. Organizations operating critical transportation or taxi management services that rely on ATSMS could face operational disruptions, reputational damage, and regulatory penalties if exploited. Furthermore, attackers could leverage this vulnerability as a foothold for broader network intrusion or lateral movement within an organization’s infrastructure.

Mitigation Recommendations

To mitigate this vulnerability, organizations should implement strict input validation and output encoding on all user-supplied data, especially within the search-autootaxi.php endpoint. Employing a robust web application firewall (WAF) configured to detect and block XSS payloads can provide an additional layer of defense. Regularly auditing and sanitizing stored data to remove malicious scripts is recommended. Since no patches are currently available, organizations should consider restricting access to the vulnerable endpoint to trusted users only and monitor logs for suspicious activity. Implementing Content Security Policy (CSP) headers can help limit the impact of injected scripts by restricting the sources from which scripts can be loaded. Finally, educating users and administrators about the risks of XSS and encouraging cautious behavior when interacting with reports can reduce exploitation likelihood.
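The stored-XSS mechanism described in the Technical Analysis and the output-encoding, input-validation and CSP measures recommended above, shown together as an added example. This is illustrative code written for this page, not ATSMS's own source: the column names, the `renderRow*` and `validateSearchTerm` helpers, the accepted character set for the search field and the CSP policy are all assumptions.

```php
<?php
// Added example (not ATSMS code): the vulnerable output pattern behind a
// stored XSS like the one described for search-autootaxi.php, beside the
// hardened pattern. Column names and helper names are assumptions.

declare(strict_types=1);

// Encode a string for safe insertion into HTML element content or a
// double-quoted attribute value. ENT_QUOTES also escapes single quotes;
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern: a stored value is echoed straight into the report page,
// so a payload saved earlier through the form runs in every viewer's browser.
function renderRowVulnerable(array $row): string
{
    return '<tr><td>' . $row['autotaxi_name'] . '</td><td>' . $row['notes'] . '</td></tr>';
}

// Hardened pattern: every untrusted value is encoded at the point of output,
// whether or not it was validated when it was stored.
function renderRowHardened(array $row): string
{
    return '<tr><td>' . h($row['autotaxi_name']) . '</td><td>' . h($row['notes']) . '</td></tr>';
}

// Form boundary: accept only what a search term can legitimately contain.
// The character set and the 64-byte limit are assumptions about this field.
function validateSearchTerm(string $input): ?string
{
    $input = trim($input);
    if ($input === '' || strlen($input) > 64) {
        return null;
    }
    return preg_match('/^[\p{L}\p{N} .\-]+$/u', $input) === 1 ? $input : null;
}

// Defence in depth: a policy that disallows inline scripts keeps an encoding
// slip elsewhere in the page from executing. Must be sent before any output.
function sendSecurityHeaders(): void
{
    header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'");
    header('X-Content-Type-Options: nosniff');
}

// Constructed sample row, as it might come back from the database after a
// hostile value was stored through the search form.
$sampleRow = [
    'autotaxi_name' => 'Taxi 42',
    'notes'         => '<script>alert(1)</script>',
];

if (PHP_SAPI !== 'cli') {
    sendSecurityHeaders();
}

// The hardened row carries the stored payload as entity-encoded text, which
// the browser renders as characters instead of parsing as a script element.
echo 'Vulnerable: ' . renderRowVulnerable($sampleRow) . PHP_EOL;
echo 'Hardened:   ' . renderRowHardened($sampleRow) . PHP_EOL;

// Validation at the boundary rejects the same payload before it is stored.
$term = validateSearchTerm('<script>alert(1)</script>');
echo 'Search term accepted: ' . ($term === null ? 'no' : 'yes') . PHP_EOL;
```

Output encoding at render time is the control that actually closes the stored-XSS path, because it protects every page that displays the value, including ones written after the fix; validation at the form only narrows what can reach the database, and the CSP header limits the damage if a future template forgets to encode.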


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-08-17T00:00:00.000Z
Cvss Version: null
State: PUBLISHED

Threat ID: 68c97dc81745d1bd2332d286

Added to database: 9/16/2025, 3:10:00 PM

Last enriched: 9/16/2025, 3:10:24 PM

Last updated: 9/19/2025, 3:30:00 PM
