{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T04:12:23.273","vulnerabilities":[{"cve":{"id":"CVE-2025-25247","sourceIdentifier":"security@apache.org","published":"2025-02-10T12:15:29.557","lastModified":"2025-07-14T13:50:15.567","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Felix Webconsole.\n\nThis issue affects Apache Felix Webconsole 4.x up to 4.9.8 and 5.x up to 5.0.8.\n\nUsers are recommended to upgrade to version 4.9.10 or 5.0.10 or higher, which fixes the issue."},{"lang":"es","value":"Vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en Apache Felix Webconsole. Este problema afecta a Apache Felix Webconsole 4.x hasta 4.9.8 y 5.x hasta 5.0.8. Se recomienda a los usuarios actualizar a la versión 4.9.10 o 5.0.10 o superior, que soluciona el problema. "}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:felix_webconsole:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.9.10","matchCriteriaId":"961B5383-2AF2-4E6F-9BF5-A5C742D6AA67"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:felix_webconsole:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.0.10","matchCriteriaId":"731E59BA-2F12-47FC-AD13-99FFB0A67483"}]}]}],"references":[{"url":"https://lists.apache.org/thread/z47jbf0rbylzd0ktfzdw9c8b5fpyl24m","source":"security@apache.org","tags":["Issue Tracking","Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2025/02/10/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}