CVE-2019-25449 in OrientDB
Zusammenfassung
von MITRE • 21.02.2026
OrientDB 3.0.17 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted JSON payloads to the document endpoint. Attackers can send POST requests to /document/demodb/-1:-1 with script tags in the name parameter to execute arbitrary JavaScript in users' browsers.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.