exploitDog

CVE-2025-30755

Опубликовано: 19 сент. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

OpenGrok 1.14.1 has a reflected Cross-Site Scripting (XSS) issue when producing the cross reference page. This happens through improper handling of the revision parameter. The application reflects unsanitized user input into the HTML output.

Ссылки

https://www.oracle.com/security-alerts/all-oracle-cves-outside-other-oracle-public-documents.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oracle:opengrok:1.14.1:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00059

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-g72g-g4r6-833h

CVSS3: 6.1

github

5 месяцев назад

OpenGrok 1.14.1 has a reflected Cross-Site Scripting (XSS) issue when producing the cross reference page. This happens through improper handling of the revision parameter. The application reflects unsanitized user input into the HTML output.

EPSS

Процентиль: 18%

0.00059

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79