XSS in Linux Linux_kernel

CVE-2025-0513

In affected versions of Octopus Server error messages were handled unsafely on the error page. If an adversary could control any part of the error message they could embed code which may impact the user viewing the error message.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.002 (13.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-0513?
CVE-2025-0513 is a medium-severity vulnerability in Linux Linux_kernel, classified under Cross-site Scripting. CVSS score: 5.4/10. Published 2025-02-11.
How severe is CVE-2025-0513?
Medium severity. CVSS v3 base score is 5.4 out of 10.