HTML Injection Vulnerability in CyberArk Endpoint Privilege Manager
CVE-2025-22274

2 LOW

Key Information:

Vendor: CyberArk
CVE Published: 28 February 2025

What is CVE-2025-22274?

A vulnerability has been identified in CyberArk Endpoint Privilege Manager that allows attackers to inject arbitrary HTML code via the 'content' field in the 'Application definition' page. This can lead to significant security concerns, as malicious scripts could be executed by users accessing affected pages. The vulnerability specifically impacts SaaS version 24.7.1, with no status update available for other versions despite attempts to reach the vendor for clarification.

Affected Version(s)

Endpoint Privilege Manager SaaS 24.7.1

CVSS V4

Score: 2
Severity: LOW
Confidentiality: None
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Karol Mazurek (Afine Team)
Maksymilian Kubiak (Afine Team)