CVE-2025-54348

Name of the Vulnerable Software and Affected Versions Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2

Description A Stored Cross Site Scripting (XSS) issue exists in the Application Server of the software. This allows an attacker to potentially hijack a user’s browser and capture sensitive information. The issue involves the ability to inject malicious scripts that are then stored and executed when other users access the affected functionality.

Recommendations Update to a version later than 6.1.1.2.