← back
CVE-2025-54348

CVE-2025-54348

CVSS 6.5 MEDIUMEPSS 0.1%CWE-80
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
14 Nov 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A Stored Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://desktopalert.nethttps://desktopalert.net/cve-2025-54348/