CVE-2019-25449 in OrientDBИнформация

Сводка

по MITRE • 21.02.2026

OrientDB 3.0.17 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted JSON payloads to the document endpoint. Attackers can send POST requests to /document/demodb/-1:-1 with script tags in the name parameter to execute arbitrary JavaScript in users' browsers.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulnCheck

Резервировать

20.02.2026

Раскрытие

21.02.2026

Модерация

принято

Вход

VDB-347266

CPE

готов

CWE

CWE-79 (Подтверждённый)

Эксплойт

Скачать

CVSS

6.1 (CNA)

EPSS

0.00042

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-25449
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-25449
CVE Details	https://www.cvedetails.com/cve/CVE-2019-25449/

◂ Предыдущий Обзор Далее ▸

Do you need the next level of professionalism?

Upgrade your account now!