CVE-2025-59873 – Session Token Exposure via URL Query Parameters

CVE ID : CVE-2025-59873

Published : Feb. 23, 2026, 10:56 a.m. | 8 minutes ago

Description : An information exposure vulnerability exists in

Vulnerability in HCL Software ZIE for Web.

The application transmits sensitive session tokens and authentication identifiers within the URL query parameters . An attacker who gains access to any network log or operates a site linked from the application can hijack user sessions

This issue affects ZIE for Web: v16.

Severity: 5.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-2985 – Tiandy Video Surveillance System 视频监控平台 CLSBODownLoad.java downloadImage server-side request forgery

CVE-2025-40986 – Reflected Cross-Site Scripting in PideTuCita

CVE-2025-40701 – Reflected Cross-Site scripting (XSS) in SOTE’s SOTESHOP

CVE-2026-2983 – SourceCodester Student Result Management System Bulk Import import_users.php access control