Cyber Resilience

CVE-2025-7799

Severity: High
Published: 09 February 2026
Modified: 05 June 2026
CVSS Score v3.1: 8.6 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L)
EPSS Score: 0.0029 (20.7th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2025-7799 is a high-severity Cross-site Scripting (CWE-79) vulnerability affecting an asset categorised as Gov (inferred from references; no CPE was filed). Its CVSS base score is 8.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Web Portal Capture (T1056.003). The vulnerability ranks at the 20.7th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).

Deeper analysis

CVE-2025-7799 is an Improper Neutralization of Input During Web Page Generation vulnerability, classified as Reflected Cross-site Scripting (XSS) under CWE-79, affecting the E-Taxpayer Accounting Website developed by Zirve Information Technologies Inc. The issue impacts versions of the software through 07082025. It received a CVSS v3.1 base score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L), indicating high severity due to its network accessibility and low attack complexity.

Unauthenticated attackers with network access can exploit this vulnerability without requiring privileges or user interaction. Successful exploitation enables low-impact confidentiality violations, high-impact integrity modifications, and low-impact availability disruptions, potentially allowing malicious script execution in users' browsers.

The Turkish National Cyber Incident Response Center (USOM) has issued a notification on this vulnerability at https://www.usom.gov.tr/bildirim/tr-26-0019, which security practitioners should consult for mitigation guidance and patches.

Vulnerability details

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zirve Information Technologies Inc. E-Taxpayer Accounting Website allows Reflected XSS. This issue affects e-Taxpayer Accounting Website: through 07082025.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1056.003 Web Portal Capture (Collection)
Adversaries may install code on externally facing portals, such as a VPN login page, to capture and transmit credentials of users who attempt to log into the service.

T1185 Browser Session Hijacking (Collection)
Adversaries may take advantage of security vulnerabilities and inherent functionality in browser software to change content, modify user-behaviors, and intercept information as part of various browser session hijacking techniques.

T1606.001 Web Cookies (Credential Access)
Adversaries may forge web cookies that can be used to gain access to web applications or Internet services.

Why these techniques?

Reflected XSS enables direct browser script execution, facilitating web portal credential capture, session hijacking, and web cookie theft.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-25083 (shared CWE-79)
CVE-2025-23522 (shared CWE-79)
CVE-2025-23657 (shared CWE-79)
CVE-2025-0599 (shared CWE-79)
CVE-2026-24750 (shared CWE-79)
CVE-2026-28122 (shared CWE-79)
CVE-2026-4107 (shared CWE-79)
CVE-2026-1454 (shared CWE-79)
CVE-2026-32121 (shared CWE-79)
CVE-2026-42733 (shared CWE-79)

Affected Assets

Gov (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5)

Prevent: SI-15 (Information Output Filtering). Directly addresses reflected XSS by filtering outputs during web page generation to neutralize malicious scripts reflected from user input.

Prevent: SI-10 (Information Input Validation). Validates and sanitizes untrusted network inputs to prevent injection of malicious scripts into the E-Taxpayer Accounting Website.

Prevent: Remediates the specific XSS flaw through timely patching of the affected E-Taxpayer Accounting Website versions as advised by USOM.
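Added example (not code from the affected product or from this advisory) showing what SI-10 input validation and SI-15 output filtering look like for a reflected parameter: the same search term is rendered verbatim (the CWE-79 pattern) and then with per-context output encoding behind an allow-list check. The parameter name, the page template and the allow-list rule are assumptions.

```python
# Added example, not the vendor's code. Parameter name, page template and
# the allow-list rule for the search field are assumptions.
import html
import re
from urllib.parse import quote

# Constructed request parameter: a reflected search term carrying markup.
TAINTED_QUERY = '"><script>alert(1)</script>'

# SI-10: accept only what the field legitimately needs. Hypothetical rule:
# a taxpayer search term is letters, digits, spaces and a few separators.
SEARCH_TERM = re.compile(r"^[\w .,'-]{1,64}$")

def validate_search_term(value: str) -> bool:
    """Return True when value matches the allow-list pattern for this field."""
    return bool(SEARCH_TERM.fullmatch(value))

def render_results_vulnerable(term: str) -> str:
    """Reflects the parameter into HTML verbatim: the CWE-79 pattern."""
    return f'<input name="q" value="{term}"><p>Results for {term}</p>'

def render_results_hardened(term: str) -> str:
    """SI-15: encode the value for each output context it lands in.

    html.escape(quote=True) neutralises <, >, &, " and ' so the value cannot
    close the attribute or open a tag; the URL context uses percent-encoding.
    """
    in_attr = html.escape(term, quote=True)
    in_text = html.escape(term, quote=True)
    in_url = quote(term, safe="")
    return (f'<input name="q" value="{in_attr}">'
            f'<p>Results for {in_text}</p>'
            f'<a href="/search?q={in_url}">permalink</a>')

def contains_script_tag(rendered: str) -> bool:
    """Coarse check: does the rendered page carry a literal <script tag?"""
    return "<script" in rendered.lower()

def handle_search(term: str) -> str:
    """Defence in depth: reject out-of-policy input, then encode on output."""
    if not validate_search_term(term):
        return "<p>Invalid search term.</p>"
    return render_results_hardened(term)
```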
