CVE-2025-53543 Information

Description

Kestra is an event-driven orchestration platform. The error message in the execution "Overview" tab is vulnerable to stored XSS due to improper handling of the HTTP response received. This vulnerability is fixed in 0.22.0.

Reference

https://github.com/kestra-io/kestra/security/advisories/GHSA-qpj4-4r6r-wvf4

CNNVD-202507-781 (Published: 2025-07-07)
