CVE-2025-62198 · Symaro Security Advisory

Description

An authenticated user can perform XSS. This issue affects Apache Atlas versions 2.4.0 and earlier. Users are recommended to upgrade to version 2.5.0, which fixes the issue.

Weaknesses

CWE-80 — CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Affected products

Vendor	Product	Versions
Apache Software Foundation	Apache Atlas	0 to <=2.4.0

References

https://lists.apache.org/thread/nv893lhz3ok08f25j3v4z1to5nrpdp7k (vendor-advisory)
http://www.openwall.com/lists/oss-security/2026/06/20/1

Authoritative sources

This page is a snapshot. For the latest enrichment and updates, view the record on CVE.org or the NVD.

Generated from the official CVE List on 22 Jun 2026 14:43 UTC.