PT-2025-45431 · Unknown · Notifications Center
Published
2025-11-07
·
Updated
2025-11-07
·
CVE-2025-54167
CVSS v4.0
7.2
High
| Vector | AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Notification Center versions prior to 2.1.0.3443
Notification Center versions prior to 1.9.2.3163
Notification Center versions prior to 3.0.0.3466
Description
A cross-site scripting (XSS) issue exists in Notification Center. An attacker who obtains an administrator account can exploit this issue to circumvent security measures or access application data.
Recommendations
Update Notification Center to version 2.1.0.3443 or later.
Update Notification Center to version 1.9.2.3163 or later.
Update Notification Center to version 3.0.0.3466 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Notifications Center