Severity
Medium
Analysis Summary
CVE-2025-21572
Oracle OpenGrok is vulnerable to reflected cross-site scripting, caused by improper validation of user-supplied input by the history view page.
Impact
- Cross-Site Scripting
Indicators of Compromise
CVE
CVE-2025-21572
Affected Vendors
Oracle
Affected Products
- Oracle Corporation OpenGrok - 1.13.25
Remediation
Refer to Oracle Security Advisory for patch, upgrade or suggested workaround information.