Cross-Site Scripting Vulnerability in Jastow by Red Hat
CVE-2025-12799
6.5MEDIUM
Key Information:
What is CVE-2025-12799?
A vulnerability exists in Jastow that exposes systems to Cross-Site Scripting (XSS) attacks. This flaw arises when a specific configuration allows unescaped characters within URLs when integrated with Undertow and Jastow. When this configuration is mismanaged, it can lead to improper handling of input data, opening the door for attackers to inject malicious scripts, potentially compromising the integrity and confidentiality of the server.