A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:HDesktopalert Pingalert Application Server
APPDesktopalert6.1.0.11 – 6.1.1.4 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
Related vulnerabilities
CVE-2025-54347CRITICAL9.9PL ✓ten sam produkt
Path Traversal w Desktop Alert PingAlert — zapis dowolnych plików
CVE-2025-54343CRITICAL9.6PL ✓ten sam produkt
Nieprawidłowa kontrola dostępu w Desktop Alert PingAlert — privilege escalation
CVE-2025-54339CRITICAL10.0PL ✓ten sam produkt
Błędna kontrola dostępu w Desktop Alert PingAlert — privilege escalation przez sieć
CVE-2025-54338HIGH7.5ten sam produkt
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert versi...
CVE-2025-54563HIGH7.5ten sam produkt
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert versi...