CVE-2025-53883
Published: 30 October 2025
Summary
CVE-2025-53883 is a critical-severity Basic XSS (CWE-80) vulnerability in Suse (inferred from references). Its CVSS base score is 9.3 (Critical).
Operationally, ranked at the 17.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-36996
Vulnerability details
A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability allows attackers to run arbitrary javascript via a reflected XSS issue in the search fields.This issue affects Container suse/manager/5.0/x86_64/server:latest: from ? before 5.0.28-150600.3.36.8; SUSE Manager Server…
more
LTS 4.3: from ? before 4.3.88-150400.3.113.5.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.