Lucene search
+L

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25621

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.01084EPSS
Exploits0References3
CNVD
CNVD
added 2025/08/26 12:0 a.m.4 views

Apache Log4cxx Cross-Site Scripting Vulnerability

Apache Log4cxx is the United States Apache Apache Foundation of a C + + logging framework patterned on Apache log4j . A cross-site scripting vulnerability exists in Apache Log4cxx versions prior to 1.5.0, which stems from HTMLLayout not properly escaping logger names, and can be exploited by an...

5.4CVSS6.3AI score0.01084EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/08/25 11:22 p.m.2 views

SUSE CVE-2025-54812

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...

5.4CVSS6.5AI score0.01084EPSS
Exploits0References3
NVD
NVD
added 2025/08/22 7:15 p.m.4 views

CVE-2025-54812

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...

5.4CVSS0.01084EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/22 6:46 p.m.8 views

CVE-2025-54812 Apache Log4cxx: Improper HTML escaping in HTMLLayout

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...

2.1CVSS0.01084EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/22 6:46 p.m.2 views

CVE-2025-54812 Apache Log4cxx: Improper HTML escaping in HTMLLayout

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...

2.1CVSS6.1AI score0.01084EPSS
Exploits0References3
CVE
CVE
added 2025/08/22 6:46 p.m.29 views

CVE-2025-54812

CVE-2025-54812 affects Apache Log4cxx prior to 1.5.0. The issue is due to improper output neutralization in HTMLLayout: logger names from untrusted sources are not escaped when writing HTML logs, enabling potential HTML/JS injection that could lead to log manipulation or information exposure when...

5.4CVSS6.1AI score0.01084EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2025/08/22 6:46 p.m.6 views

CVE-2025-54812

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...

5.4CVSS5.2AI score0.01084EPSS
Exploits0
OSV
OSV
added 2025/08/22 6:46 p.m.4 views

CVE-2025-54812 Apache Log4cxx: Improper HTML escaping in HTMLLayout

Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...

2.1CVSS6.2AI score0.01084EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.7 views

PT-2025-34481

Name of the Vulnerable Software and Affected Versions: Apache Log4cxx versions prior to 1.5.0 Description: Apache Log4cxx contains an Improper Output Neutralization for Logs issue. When using HTMLLayout, logger names are not properly escaped when writing to an HTML file. If untrusted data is used...

7.5CVSS5.3AI score0.01211EPSS
Exploits0References20
Rows per page
Query Builder