TROYANOSYVIRUS
Back to CVEs

CVE-2025-14830

MEDIUM
4.9

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JFrog Artifactory (Workers) allows Cross-Site Scripting (XSS).This issue affects Artifactory (Workers): from >=7.94.0 through <7.117.10.

CVE Details

CVSS v3.1 Score4.9
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredHIGH
User InteractionNONE
Published1/4/2026
Last Modified1/8/2026
Sourcenvd
Honeypot Sightings0

Weaknesses (CWE)

CWE-79

References

https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories(reefs@jfrog.com)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.