VYPR
Medium severity6.1NVD Advisory· Published May 2, 2025· Updated Jun 17, 2026

CVE-2025-21572

CVE-2025-21572

Description

OpenGrok 1.13.25 has a reflected Cross-Site Scripting (XSS) issue when producing the history view page. This happens through improper handling of path segments. The application reflects unsanitized user input into the HTML output.

Affected products

2
  • Range: <=1.13.25
  • Oracle Corporation/OpenGrokv5
    Range: 1.13.25

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.