HIGH🇵🇱 Wersja polska

CVE-2025-54346

CVSS 7.6v3.1pub. 2025-11-14upd. 2025-11-20

A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • Desktopalert Pingalert Application Server

    APP
    Desktopalert
    6.1.0.11 – 6.1.1.4 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2025-54347CRITICAL9.9PL ✓ten sam produkt

Path Traversal w Desktop Alert PingAlert — zapis dowolnych plików

CVE-2025-54343CRITICAL9.6PL ✓ten sam produkt

Nieprawidłowa kontrola dostępu w Desktop Alert PingAlert — privilege escalation

CVE-2025-54339CRITICAL10.0PL ✓ten sam produkt

Błędna kontrola dostępu w Desktop Alert PingAlert — privilege escalation przez sieć

CVE-2025-54338HIGH7.5ten sam produkt

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert versi...

CVE-2025-54563HIGH7.5ten sam produkt

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert versi...