CVE-2025-54760

Summary

Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser.

Affected Software

VendorProductVersion RangeStatus
NEOJAPAN Inc.desknet’s NEOV9.0R2.0 and earlieraffected

Weaknesses

  • CWE-79: Cross-site scripting (XSS)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References