oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2025-54057: Apache SkyWalking: Stored XSS vulnerability

From: Zhenxu Ke <kezhenxu94 () apache org>
Date: Thu, 27 Nov 2025 02:17:59 +0000
Severity: important 

Affected versions:

- Apache SkyWalking through 10.2.0

Description:

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache SkyWalking.

This issue affects Apache SkyWalking: <= 10.2.0.

Users are recommended to upgrade to version 10.3.0, which fixes the issue.

Credit:

Vinh Nguyễn Quang (vinhnq4902 () gmail com) (reporter)

References:

https://skywalking.apache.org/
https://www.cve.org/CVERecord?id=CVE-2025-54057
Previous By Date Next
Previous By Thread Next

Current thread: