CVE-2025-62198
Received Received - Intake
Cross-Site Scripting in Apache Atlas

Publication date: 2026-06-22

Last updated on: 2026-06-22

Assigner: Apache Software Foundation

Description
An authenticated user can perform XSS. This issue affects Apache Atlas versions 2.4.0 and earlier. Users are recommended to upgrade to version 2.5.0, which fixes the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-22
Last Modified
2026-06-22
Generated
2026-06-22
AI Q&A
2026-06-22
EPSS Evaluated
N/A
NVD
CVE-2025-62198
EUVD
EUVD-2025-210296
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
apache atlas 2.5.0
apache atlas to 2.5.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-80 The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as "<", ">", and "&" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a Cross-Site Scripting (XSS) issue that can be exploited by an authenticated user in Apache Atlas versions 2.4.0 and earlier.

XSS vulnerabilities allow attackers to inject malicious scripts into web pages viewed by other users, potentially leading to unauthorized actions or data exposure.

Impact Analysis

If exploited, this XSS vulnerability could allow an authenticated user to execute malicious scripts within the context of the Apache Atlas web application.

This could lead to unauthorized actions, theft of sensitive information, session hijacking, or other malicious activities affecting users of the system.

Mitigation Strategies

To mitigate this vulnerability, users are recommended to upgrade Apache Atlas to version 2.5.0, which fixes the issue.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-62198. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart