CVE-2025-5198 – Stackrox XSS Vulnerability in Role Object Name

May 27, 2025

CVE ID : CVE-2025-5198

Published : May 27, 2025, 9:15 p.m. | 3 hours, 44 minutes ago

Description : A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting (XSS) if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object* that is applied to a secured cluster. This object can be used by a user with access to the cluster or through a compromised third-party product.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5279 – Amazon Redshift Python Connector AzureOAuth2CredentialsProvider SSL Certificate Validation Bypass

Next Article CVE-2025-5067 – Inappropriate implementation in Tab Strip in Googl

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

CodeSOD: Integral to a Database Read

Players aren’t buying Call of Duty’s “error” excuse for the ads Activision started forcing into the game’s menus recently

In Sam Altman’s world, the perfect AI would be “a very tiny model with superhuman reasoning capabilities” for any context

Sam Altman’s ouster from OpenAI was so dramatic that it’s apparently becoming a movie — Will we finally get the full story?

One of Microsoft’s biggest hardware partners joins its “bold strategy, Cotton” moment over upgrading to Windows 11, suggesting everyone just buys a Copilot+ PC

Enable Flexible Pattern Matching with Laravel’s Case-Insensitive Str::is Method

Enable Flexible Pattern Matching with Laravel’s Case-Insensitive Str::is Method

Laravel OpenRouter

This Week in Laravel: Starter Kits, Alpine, PDFs and Roles/Permissions

FOSS Weekly #25.23: Helwan Linux, Quarkdown, Konsole Tweaks, Keyboard Shortcuts and More Linux Stuff

FOSS Weekly #25.23: Helwan Linux, Quarkdown, Konsole Tweaks, Keyboard Shortcuts and More Linux Stuff

Grow is a declarative website generator

Raspberry Pi 5 Desktop Mini PC: Benchmarking

CVE-2025-5198 – Stackrox XSS Vulnerability in Role Object Name

Cisco Warns of Credential Vuln on AWS, Azure, Oracle Cloud

How Falcon Next-Gen SIEM Protects Enterprises from VMware vCenter Attacks

Diving deep into the new Amazon Aurora Global Database writer endpoint

For this computer scientist, MIT Open Learning was the start of a life-changing journey

Best Free and Open Source Alternatives to Microsoft Sticky Notes

Lies of P, one of my favorite Xbox Soulslikes, has finally revealed its DLC expansion, and it’s inbound for Summer 2025

A Beginner’s Guide to Terraform – Infrastructure-as-Code in Practice

Vision-R1: Redefining Reinforcement Learning for Large Vision-Language Models

Can one combine FlaUI and Selenium?

Co-op CEO to Members: We’re Fighting to Protect Your Data

CVE-2025-5198 – Stackrox XSS Vulnerability in Role Object Name

Related Posts