What the vulnerability does
01Description
Ververica Platform 2.14.0 contain an Reflected XSS vulnerability via a namespaces/default/formats URI.
CVSS base score
5.4/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Key dates
02Disclosure timeline
April 27, 2025
CVE published
April 28, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-2349 UI Icons - Critical - Cross-site Scripting - SA-CONTRIB-2026-010
CVE-2022-2575 WBW Currency Switcher for WooCommerce < 1.6.6 - Admin+ Stored XSS
CVE-2024-10265 Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.30 - Reflected Cross-Site Scripting via add_query_arg Parameter
CVE-2022-29096
CVE-2021-24319 Bello < 1.6.0 - Authenticated Cross-Site Scripting (XSS) and XFS
