CVE-2025-54346

Name of the Vulnerable Software and Affected Versions Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2

Description A Reflected Cross Site Scripting (XSS) issue exists in the Application Server of the software. This allows an attacker to potentially hijack a user’s browser and capture sensitive information. The issue involves a flaw where malicious scripts can be injected into a user's browser through a specially crafted request.

Recommendations Update to a newer version of Desktop Alert PingAlert than version 6.1.1.2.