Cross-Site Scripting Vulnerability in Web Application by Leading Vendor
CVE-2025-55064

4.8MEDIUM

Key Information:

Vendor: Priority
Status: Web
Vendor: CVE Published:; 29 December 2025

What is CVE-2025-55064?

This vulnerability allows attackers to inject malicious scripts into web pages viewed by users. When unsuspecting users interact with the compromised web application, these scripts can execute in their browsers, potentially leading to data theft, session hijacking, or other malicious activities. Effective input validation measures are essential to protect users from these kinds of attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Web 24.1 and below

References

https://www.gov.il/en/departments/dynamiccollectors/cve_a...

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 29, 2025
Vulnerability Reserved
Aug 6, 2025

Credit

Itamar Zalisher - MadSec

JSON

Priority