Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kron Technologies Kron PAM allows Stored XSS.
This issue affects Kron PAM: before 3.7.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
No data.
References
History
Fri, 05 Jun 2026 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kron Technologies Kron PAM allows Stored XSS.This issue affects Kron PAM: before 3.7. | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kron Technologies Kron PAM allows Stored XSS. This issue affects Kron PAM: before 3.7. |
| References |
|
Mon, 04 Aug 2025 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 25 Jul 2025 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kron Technologies Kron PAM allows Stored XSS.This issue affects Kron PAM: before 3.7. | |
| Title | Stored XSS in Kron Technologies' Kron PAM | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: TR-CERT
Published:
Updated: 2026-06-05T14:33:24.857Z
Reserved: 2025-05-27T08:17:47.296Z
Link: CVE-2025-5254
Vulnrichment
Updated: 2025-07-25T12:27:53.094Z
NVD
Status : Deferred
Published: 2025-07-25T12:15:27.030
Modified: 2026-06-05T15:16:40.997
Link: CVE-2025-5254
Redhat
No data.
OpenCVE Enrichment
No data.