CVE-2025-62198

Summary

An authenticated user can perform XSS.

This issue affects Apache Atlas versions 2.4.0 and earlier.

Users are recommended to upgrade to version 2.5.0, which fixes the issue.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Atlas0 <= 2.4.0affected

Weaknesses

  • CWE-80: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References