CVE Alert: CVE-2025-2901
Vulnerability Summary: CVE-2025-2901
A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store. When this stored data is later included in web pages without adequate sanitization, malicious scripts can execute in the context of users who view these pages, leading to potential data theft, session hijacking, or other malicious activities.
Affected Endpoints:
No affected endpoints listed.
Published Date:
3/28/2025, 2:15:22 PM
⚠️ CVSS Score:
Exploit Status:
Not ExploitedReferences:
- https://access.redhat.com/security/cve/CVE-2025-2901
- https://bugzilla.redhat.com/show_bug.cgi?id=2355685
Recommended Action:
No proposed action available. Please refer to vendor documentation for updates.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
