← back
CVE-2025-54346

CVE-2025-54346

CVSS 7.6 HIGHEPSS 0.2%CWE-80
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.6EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
14 Nov 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://desktopalert.nethttps://desktopalert.net/cve-2025-54346/