CVE-2025-5198 – Stackrox XSS Vulnerability in Role Object Name

May 27, 2025

CVE ID : CVE-2025-5198

Published : May 27, 2025, 9:15 p.m. | 3 hours, 44 minutes ago

Description : A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting (XSS) if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object* that is applied to a secured cluster. This object can be used by a user with access to the cluster or through a compromised third-party product.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5279 – Amazon Redshift Python Connector AzureOAuth2CredentialsProvider SSL Certificate Validation Bypass

Next Article CVE-2025-5067 – Inappropriate implementation in Tab Strip in Googl

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

The Witcher 4 looks absolutely amazing in UE5 technical presentation at State of Unreal 2025

Razer’s having another go at making it so you never have to charge your wireless gaming mouse, and this time it might have nailed it

Alienware’s rumored laptop could be the first to feature NVIDIA’s revolutionary Arm-based APU

easy-live2d – About Make your Live2D as easy to control as a pixi sprite! Live2D Web SDK based on Pixi.js.

easy-live2d – About Make your Live2D as easy to control as a pixi sprite! Live2D Web SDK based on Pixi.js.

From Kitchen To Conversion

Perficient Included in Forrester’s AI Technical Services Landscape, Q2 2025

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

The Witcher 4 looks absolutely amazing in UE5 technical presentation at State of Unreal 2025

Razer’s having another go at making it so you never have to charge your wireless gaming mouse, and this time it might have nailed it

CVE-2025-5198 – Stackrox XSS Vulnerability in Role Object Name

CVE-2025-20985 – Microsoft Xbox ThemeManager Privilege Escalation Vulnerability

CVE-2025-20984 – Samsung Cloud for Galaxy Watch Default Permission Vulnerability

Inspirational Websites Roundup #60

Rilasciata BleachBit 5.0: la nuova versione del software open source per la pulizia di sistema su GNU/Linux

Quantum Systems acquires AirRobot to boost drone tech for the Bundeswehr and European partners

CVE-2025-47679 – RS WP Book Showcase Cross-site Scripting (XSS)

TUXEDO OS – Ubuntu-based Linux distribution

Alternatives to popular CLI tools: tree

Fine Silver Jewelry Brand Zumorrud

Play ransomware exploited Windows logging flaw in zero-day attacks

CVE-2025-5198 – Stackrox XSS Vulnerability in Role Object Name

Related Posts