CVE-2025-25247 Information
Feb 11, 2025
cve
Description
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Apache Felix Webconsole.
This issue affects Apache Felix Webconsole 4.x up to 4.9.8 and 5.x up to 5.0.8.
Users are recommended to upgrade to version 4.9.10 or 5.0.10 or higher which fixes the issue.
Reference
http://www.openwall.com/lists/oss-security/2025/02/10/1 https://lists.apache.org/thread/z47jbf0rbylzd0ktfzdw9c8b5fpyl24m
Share on: