CVE-2023-4676 is a reflected cross-site scripting (XSS) issue in Yordam MedasPro. The public record ties the flaw to input that is not properly neutralized during web page generation, which can allow attacker-controlled content to be reflected back into a user’s browser. NVD lists the affected MedasPro range as versions before 28.
CVE-2021-45478 documents an improper handling of parameters vulnerability in Yordam Library Automation System versions prior to 19.2. The vulnerability allows an attacker with low privileges to collect data as provided by users. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) indicates network-accessible attack vector with low attack complexity, requiring low privileges and no user interaction, [truncated]
CVE-2021-45476 documents an unauthenticated reflected cross-site scripting (XSS) vulnerability in Yordam Library Information Document Automation product versions prior to 19.02. The vulnerability was published in the NVD on 2022-10-27 and most recently modified on 2026-05-18. The Turkish National Cyber Security Incident Response Team (USOM) issued advisory TR-22-0669, which serves as the primary source fo [truncated]
CVE-2021-45475 is a medium-severity information disclosure vulnerability affecting Yordam Library Automation System versions prior to 19.02. The vulnerability allows unauthenticated attackers to access sensitive information without requiring authentication credentials. The issue was publicly disclosed on October 27, 2022, with the most recent modification to the CVE record occurring on May 18, 2026. The v [truncated]