Stocky
1 CVEs
product
Monthly
Stocky POS with Inventory Management & HRM (ui-lib) version 5.0 is affected by a Stored Cross-Site Scripting (XSS) vulnerability within the Products module available to authenticated users. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Privilege Escalation
XSS
Stocky
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-57204
EPSS 0%
CVSS 5.4
MEDIUM
POC
This Month
Stocky POS with Inventory Management & HRM (ui-lib) version 5.0 is affected by a Stored Cross-Site Scripting (XSS) vulnerability within the Products module available to authenticated users. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Privilege Escalation
XSS
Stocky
NVD