CVE-2025-23393

🗓️ 27 May 2025 07:23:39Reported by suseType

Reflected XSS vulnerability in spacewalk-java allows arbitrary Javascript execution on user machines.

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2025-23393	27 May 202507:48	–	circl
CNNVD	SUSE Manager Server 安全漏洞	27 May 202500:00	–	cnnvd
Cvelist	CVE-2025-23393 Reflected XSS in spacewalk-java	27 May 202507:23	–	cvelist
EUVD	EUVD-2025-27709	3 Oct 202520:07	–	euvd
NVD	CVE-2025-23393	27 May 202508:15	–	nvd
OSV	SUSE-SU-2025:02475-1 Security update 4.3.16 for Multi-Linux Manager Server	23 Jul 202512:36	–	osv
OSV	SUSE-SU-2025:02476-1 Security update 4.3.16 for Multi-Linux Manager Server	23 Jul 202512:37	–	osv
Positive Technologies	PT-2025-22971 · Suse +1 · Suse Manager Server Module +1	27 May 202500:00	–	ptsecurity
SUSE Linux	Maintenance update for Multi-Linux Manager 4.3: Server, Proxy and Retail Branch Server	23 Jul 202512:36	–	suse
SUSE Linux	Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes	23 Jul 202512:37	–	suse

[
  {
    "defaultStatus": "unaffected",
    "packageName": "spacewalk-java",
    "product": "Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "5.0.24-150600.3.25.1",
        "status": "affected",
        "version": "?",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "spacewalk-java",
    "product": "SUSE Manager Server Module 4.3",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "4.3.85-150400.3.105.3",
        "status": "affected",
        "version": "?",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.suse.com/show_bug.cgi

15 Apr 2026 00:35Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.15.2

CVSS 45.6

EPSS0.00251

SSVC

CWE-80