The vulnerability CVE-2025-53574 affects ptibogxiv Doliconnect through version 9.3.2 and is classified as a reflected cross-site scripting (XSS) flaw. It occurs due to improper neutralization of input during the generation of web pages, which can allow attackers to inject malicious scripts that execute in the victim's browser session. The CVSS 3.1 base score is 7.1, reflecting network attack vector, low attack complexity, no privileges required, user interaction required, scope change, and impacts on confidentiality, integrity, and availability. No patch or vendor advisory is currently available to confirm remediation status.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary scripts in the context of the victim's browser, potentially leading to information disclosure, session hijacking, or other impacts on confidentiality, integrity, and availability. The CVSS vector indicates that the attack can be performed remotely without privileges but requires user interaction. There are no known exploits in the wild at this time.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users and administrators should exercise caution with untrusted input and consider implementing web application firewall (WAF) rules to detect and block reflected XSS attempts. Monitor vendor channels for updates regarding patches or official mitigations.