VYPR
Medium severity6.1NVD Advisory· Published Jul 25, 2025· Updated Jun 17, 2026

CVE-2025-5254

CVE-2025-5254

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kron Technologies Kron PAM allows Stored XSS.

This issue affects Kron PAM: before 3.7.

Affected products

1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.