CVE-2025-59025 – Apache Email Script Execution Vulnerability

CVE ID : CVE-2025-59025

Published : Nov. 27, 2025, 9:23 a.m. | 1 hour, 1 minute ago

Description : Malicious e-mail content can be used to execute script code. Unintended actions can be executed in the context of the users account, including exfiltration of sensitive information. Sanitization has been updated to avoid such bypasses. No publicly available exploits are known

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-54057 – Apache SkyWalking: Stored XSS vulnerability

CVE-2025-59302 – Apache CloudStack: Potential remote code execution on Javascript engine defined rules

CVE-2025-59454 – Apache CloudStack: Lack of user permission validation leading to data leak for few APIs

CVE-2025-59890 – Eaton Galileo Local File Inclusion Vulnerability