Количество 3
Количество 3
CVE-2025-2901
A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store. When this stored data is later included in web pages without adequate sanitization, malicious scripts can execute in the context of users who view these pages, leading to potential data theft, session hijacking, or other malicious activities.
CVE-2025-2901
Rejected reason: This vulnerability is redundant to CVE-2025-23366 and CVE-2024-10234.
GHSA-f7jh-m6wp-jm7f
HAL Cross Site Scripting (XSS) vulnerability of user input when storing it in a data store
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-2901 A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store. When this stored data is later included in web pages without adequate sanitization, malicious scripts can execute in the context of users who view these pages, leading to potential data theft, session hijacking, or other malicious activities. | CVSS3: 4.6 | 6 месяцев назад | |
 | CVE-2025-2901 Rejected reason: This vulnerability is redundant to CVE-2025-23366 and CVE-2024-10234. | 6 месяцев назад | ||
| GHSA-f7jh-m6wp-jm7f HAL Cross Site Scripting (XSS) vulnerability of user input when storing it in a data store | CVSS3: 4.6 | 4 месяца назад |
Уязвимостей на страницу