CVE-2025-53865
Publication date 13 July 2025
Last updated 16 July 2025
Ubuntu priority
Description
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates (devel and responsive).
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| roundup | 25.04 plucky | Not in release |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 16.04 LTS xenial |
Needs evaluation
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
6.4 · Medium
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Changed |
| Confidentiality | Low |
| Integrity impact | Low |
| Availability impact | None |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |