TVN ID	TVN-202511011
CVE ID	CVE-2025-13589
CVSS	6.1 (Medium) CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products	FMS version 20251014.10r45111 and earlier
Description	FMS developed by Otsuka Information Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
Solution	Update to version 20251020.18r45177 and later
Credit	BTtea(CHT Security)
Public Date	2025-11-24