{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T11:38:06.214","vulnerabilities":[{"cve":{"id":"CVE-2025-5198","sourceIdentifier":"secalert@redhat.com","published":"2025-05-27T21:15:22.863","lastModified":"2025-07-30T20:15:38.517","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting (XSS) if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object* that is applied to a secured cluster. This object can be used by a user with access to the cluster or through a compromised third-party product."},{"lang":"es","value":"Se encontró una falla en Stackrox que es vulnerable a Cross-Site Scripting (XSS) si el código del script se incluye en un pequeño subconjunto de celdas de tabla. La única vulnerabilidad conocida es si el script se incluye en el nombre de un objeto \"Rol\"* de Kubernetes aplicado a un clúster seguro. Este objeto puede ser utilizado por un usuario con acceso al clúster o a través de un producto de terceros comprometido."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:kubernates:*:*","matchCriteriaId":"0FB56EBE-BCC0-4833-82B3-D5EFC50A7E65"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stackrox:stackrox:-:*:*:*:*:*:*:*","matchCriteriaId":"52EBFA77-3FF6-43EB-8606-C02D32796957"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2025-5198","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368568","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/stackrox/stackrox/pull/13336","source":"secalert@redhat.com"}]}}]}