Medium severity6.1NVD Advisory· Published Jul 25, 2025· Updated Jun 17, 2026
CVE-2025-5254
CVE-2025-5254
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kron Technologies Kron PAM allows Stored XSS.
This issue affects Kron PAM: before 3.7.
Affected products
1- Range: <3.7
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.