CVE-2025-2901

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-2901
Rejected reason: This vulnerability is redundant to CVE-2025-23366 and CVE-2024-10234.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

20 Jun 2025, 12:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 4.6 		v2 : unknown
v3 : unknown
CWE CWE-79
Summary (en) A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store. When this stored data is later included in web pages without adequate sanitization, malicious scripts can execute in the context of users who view these pages, leading to potential data theft, session hijacking, or other malicious activities. (en) Rejected reason: This vulnerability is redundant to CVE-2025-23366 and CVE-2024-10234.
References
  • {'url': 'https://access.redhat.com/security/cve/CVE-2025-2901', 'source': 'secalert@redhat.com'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=2355685', 'source': 'secalert@redhat.com'}

28 Mar 2025, 14:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-03-28 14:15

Updated : 2025-06-20 12:15

NVD link : CVE-2025-2901

Mitre link : CVE-2025-2901

CVE.ORG link : CVE-2025-2901

JSON object : View

Products Affected

No product.

CWE

No CWE.