- Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Felix Webconsole. This issue affects Apache Felix Webconsole 4.x up to 4.9.8 and 5.x up to 5.0.8. Users are recommended to upgrade to version 4.9.10 or 5.0.10 or higher, which fixes the issue.
- Source
- security@apache.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
- security@apache.org
- CWE-79
- Hype score
- Not currently trending
🚨 CVE-2025-25247 🟠 MEDIUM (6.1) 🏢 Apache Software Foundation - Apache Felix Webconsole 🏗️ Version 4.x 🔗 https://t.co/Hn7EN4Seve #CyberCron #VulnAlert https://t.co/tlh68uKE30
@cybercronai
11 Feb 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25247 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Felix Webconsole. This issue affects Apache Felix Webcon… https://t.co/C5UYOjgLW9
@CVEnew
10 Feb 2025
497 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25247: Apache Felix Webconsole: XSS in services console https://t.co/yaVZM5YzFD
@oss_security
10 Feb 2025
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-25247 | Apache Felix Webconsole up to 4.9.8/5.0.8 Services Console cross site scripting) has been published on https://t.co/bjGotLdTnf
@WolfgangSesin
10 Feb 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25247 FELIX-6751 https://t.co/FNOxZyjZp6 Customizable Vulnerability Alerts: https://t.co/U7998fz7yk
@VulmonFeeds
10 Feb 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes