CVE-2025-54057 | THREATINT

Description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking: <= 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue.

PUBLISHED Reserved 2025-07-16 | Published 2025-11-27 | Updated 2025-11-27 | Assigner apache

Problem types

CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Product status

Default status

unaffected

Any version

affected

Credits

Vinh Nguyễn Quang (vinhnq4902@gmail.com) reporter

References

www.openwall.com/lists/oss-security/2025/11/27/1

lists.apache.org/thread/sl2x2tx8y007x0mo746yddx2lvnv9tcr vendor-advisory

cve.org (CVE-2025-54057)

nvd.nist.gov (CVE-2025-54057)

Download JSON