{"id":64975,"date":"2025-06-12T19:31:51","date_gmt":"2025-06-12T16:01:51","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-49191-apache-atlas-cross-site-scripting-xss\/"},"modified":"2025-06-12T19:31:51","modified_gmt":"2025-06-12T16:01:51","slug":"cve-2025-49191-apache-atlas-cross-site-scripting-xss","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-49191-apache-atlas-cross-site-scripting-xss\/","title":{"rendered":"CVE-2025-49191 &#8211; Apache Atlas Cross-Site Scripting (XSS)"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-49191<br \/>\n<br \/>\n<strong>Published : <\/strong> June 12, 2025, 2:15 p.m. | 44\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to create new dashboards or iFrame widgets.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 4.8 | MEDIUM<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-49191 Published : June 12, 2025, 2:15 p.m. | 44\u00a0minutes ago Description : Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-64975","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64975","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=64975"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64975\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=64975"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=64975"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=64975"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}