Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

CVE-2025-62198 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2025-62198

CVE-2025-62198

MEDIUM5.4

Apache Atlas: Stored XSS in Create Entity page

Published Jun 22, 2026

Modified 3 days ago

Details

An authenticated user can perform XSS.

This issue affects Apache Atlas versions 2.4.0 and earlier.

Users are recommended to upgrade to version 2.5.0, which fixes the issue.

References

http://www.openwall.com/lists/oss-security/2026/06/20/1

https://lists.apache.org/thread/nv893lhz3ok08f25j3v4z1to5nrpdp7k

https://www.cve.org/CVERecord?id=CVE-2025-62198

CVSS Analysis

CVSS v3.1

5.4

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

RequiredUI:R

Scope

Scope

ChangedS:C

Impact

Confidentiality

LowC:L

Integrity

LowI:L

Availability

NoneA:N

5.4/CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Weakness Type (CWE)

Other

Ecosystems

Timeline

PublishedJun 22, 2026

ModifiedJun 22, 2026