XSS in Knime Business Hub

CVE-2025-3019

KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or opens a malicious web page, arbitrary Java Script may be executed with this user's permissions. This c…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (62.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References