10 matches found
Security Bulletin: Due to use of apache.felix.webconsole, IBM webMethods BPM is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability
Summary IBM webMethods BPM is using apache.felix.webconsole. Vulnerability Details CVEID:CVE-2025-25247 DESCRIPTION: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix Webconsole. This issue affects Apache Felix Webconsole 4.x up to...
EUVD-2025-4096
Malicious code in bioql PyPI...
GHSA-4C37-7M5H-C8M9 Apache Felix Webconsole: XSS in services console
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix Webconsole. This issue affects Apache Felix Webconsole 4.x up to 4.9.8 and 5.x up to 5.0.8. Users are recommended to upgrade to version 4.9.10 or 5.0.10 or higher, which fixes the issu...
Apache Felix Webconsole: XSS in services console
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix Webconsole. This issue affects Apache Felix Webconsole 4.x up to 4.9.8 and 5.x up to 5.0.8. Users are recommended to upgrade to version 4.9.10 or 5.0.10 or higher, which fixes the issu...
CVE-2025-25247
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix Webconsole. This issue affects Apache Felix Webconsole 4.x up to 4.9.8 and 5.x up to 5.0.8. Users are recommended to upgrade to version 4.9.10 or 5.0.10 or higher, which fixes the issu...
CVE-2025-25247 Apache Felix Webconsole: XSS in services console
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix Webconsole. This issue affects Apache Felix Webconsole 4.x up to 4.9.8 and 5.x up to 5.0.8. Users are recommended to upgrade to version 4.9.10 or 5.0.10 or higher, which fixes the issu...
CVE-2025-25247
Apache Felix Webconsole CVE-2025-25247 is a Cross-site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. Itffects Apache Felix Webconsole with 4.x up to 4.9.8 and 5.x up to 5.0.8. The CVSS v3.1 base score is 6.1 (Network attack vector, no privile...
CVE-2025-25247 Apache Felix Webconsole: XSS in services console
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix Webconsole. This issue affects Apache Felix Webconsole 4.x up to 4.9.8 and 5.x up to 5.0.8. Users are recommended to upgrade to version 4.9.10 or 5.0.10 or higher, which fixes the issu...
PT-2025-6037 · Apache · Apache Felix Webconsole
Name of the Vulnerable Software and Affected Versions: Apache Felix Webconsole versions 4.x up to 4.9.8 Apache Felix Webconsole versions 5.x up to 5.0.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allow...
Apache Felix Webconsole 跨站脚本漏洞
Apache Felix Webconsole is a simple tool from the Apache USA Foundation to inspect and manage OSGi framework instances using a web browser. A cross-site scripting vulnerability exists in Apache Felix Webconsole versions 4.x through 4.9.8 and 5.x through 5.0.8, which stems from incorrect...