CVE-2025-30676

Medium

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache OFBiz. This issue affects Apache…

apache·CWE-80·Published 2025-04-01

CVSS

6.1

EPSS

0.58

KEV

Exploits

cve.orgen

237 chars

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.19. Users are recommended to upgrade to version 18.12.19, which fixes the issue.

NVDen

237 chars

NVDes

282 chars

Vulnerabilidad de neutralización incorrecta de etiquetas HTML relacionadas con scripts en una página web (XSS básico) en Apache OFBiz. Este problema afecta a Apache OFBiz: versiones anteriores a la 18.12.19. Se recomienda actualizar a la versión 18.12.19, que soluciona el problema.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	6.1	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3.1	Primary	cve.org	6.1	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N