CVE-2025-62198

Source
https://cve.org/CVERecord?id=CVE-2025-62198
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-62198.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-62198
Published
2026-06-22T07:47:11.847Z
Modified
2026-07-08T08:12:18.193103737Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
Apache Atlas: Stored XSS in Create Entity page
Details

An authenticated user can perform XSS.

This issue affects Apache Atlas versions 2.4.0 and earlier.

Users are recommended to upgrade to version 2.5.0, which fixes the issue.

Database specific
{
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "last_affected": "2.4.0"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/62xxx/CVE-2025-62198.json",
    "cna_assigner": "apache",
    "cwe_ids": [
        "CWE-80"
    ]
}
References

Affected packages

Git / github.com/apache/atlas

Affected ranges

Type
GIT
Repo
https://github.com/apache/atlas
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:apache:atlas:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.5.0"
        }
    ]
}

Affected versions

release-2.*
release-2.5.0-rc0
release-2.5.0-rc1
release-2.5.0-rc2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-62198.json"