CVE-2025-3117 – Apache Configuration File Cross-site Scripting (XSS)

June 10, 2025

CVE ID : CVE-2025-3117

Published : June 10, 2025, 9:15 a.m. | 29 minutes ago

Description : CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability
exists impacting configuration file paths that could cause an unvalidated data injected by authenticated
malicious user leading to modify or read data in a victim’s browser.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3116 – Apache HTTP Server SSL/TLS Denial of Service Vulnerability

Next Article CVE-2025-3112 – Apache Webserver Resource Exhaustion Denial of Service

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

Copilot Vision just launched — and Microsoft already added new features

Master Data Management: The Key to Improved Analytics Reporting

Master Data Management: The Key to Improved Analytics Reporting

Salesforce Lead-to-Revenue Management

React Native 0.80 – React 19.1, JS API Changes, Freezing Legacy Arch and much more

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

CVE-2025-3117 – Apache Configuration File Cross-site Scripting (XSS)

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces

Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network

How to Create a Wordle Game & Word Cloud?

A bizarre iOS 18.4 bug is surprising iPhone users with random app installs

Music AI Sandbox, now with new features and broader access

N|Solid 6.1.8: Major AI Upgrades, UX Enhancements, and Tracing Improvements

CVE-2025-39445 – Highwarden Super Store Finder SQL Injection

CVE-2025-47115 – Adobe Experience Manager Stored Cross-Site Scripting (XSS)

CVE-2024-54189 – Parallels Desktop for Mac Root Privilege Escalation

CVE-2025-46204 – Apache Unifiedtransform Privilege Escalation Vulnerability

CVE-2025-3117 – Apache Configuration File Cross-site Scripting (XSS)

Related Posts