CVE 6.1 MEDIUM

Stored XSS in Kron Technologies’ Kron PAM_CVE-2025-5254

August 14, 2025 invoker category_cve
6.1 / 10
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kron Technologies Kron PAM allows Stored XSS.This issue affects Kron PAM: before 3.7.

Basic Information

ID CVE-2025-5254
Source TR-CERT
Published Jul 25, 2025 at 11:30
Modified Aug 4, 2025 at 18:32

Affected Product

Vendor Kron Technologies
Product Kron PAM
Affected Versions Kron Technologies Kron PAM 0

CWE Classification

CWE-79

References

๐Ÿ’ญ Join the Security Discussion

๐Ÿ”’ Your email address will not be published. Required fields are marked *

โš ๏ธ Please be respectful and constructive in your comments. Security discussions should remain professional.