CVE-2025-53883

🗓️ 30 Oct 2025 10:50:07Reported by suseType

CVE-2025-53883 spacewalk-java has reflected scripting in search fields across SUSE Manager Server versions.

Reporter	Title	Published	Views	Family All 16
Circl	CVE-2025-53883	30 Oct 202511:55	–	circl
CNNVD	SUSE多款产品安全漏洞	30 Oct 202500:00	–	cnnvd
Cvelist	CVE-2025-53883 spacewalk-java has various XSS issues on search page	30 Oct 202510:50	–	cvelist
EUVD	EUVD-2025-36996	30 Oct 202510:50	–	euvd
NVD	CVE-2025-53883	30 Oct 202511:15	–	nvd
OSV	SUSE-SU-2025:3826-1 Security update 4.3.16.1 for SUSE Manager Server 4.3 LTS	28 Oct 202507:26	–	osv
OSV	SUSE-SU-2025:3827-1 Security update 4.3.16.1 for SUSE Manager Server Release Notes	28 Oct 202507:26	–	osv
Positive Technologies	PT-2025-44398	30 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-53883	1 Nov 202514:20	–	redhatcve
SUSE Linux	Security update 5.0.5.1 for for Multi-Linux Manager	28 Oct 202507:26	–	suse

CNA

Node

suse container_suse_manager_5.0Range0–5.0.28-150600.3.36.8

suse suse_manager_server_lts_4.3Range0–4.3.88-150400.3.113.5

[
  {
    "defaultStatus": "unaffected",
    "packageName": "spacewalk-java",
    "product": "Container suse manager 5.0",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "5.0.28-150600.3.36.8",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "spacewalk-java",
    "product": "SUSE Manager Server LTS 4.3",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "4.3.88-150400.3.113.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.suse.com/show_bug.cgi

15 Apr 2026 00:35Current

5.6Medium risk

Vulners AI Score5.6

CVSS 49.3

EPSS0.00058

SSVC

CWE-80