CVE-2025-50055

216.73.217.22

· Published 27/10/2025 14:15 · Modified 27/10/2025 14:15

Labels: CVE-2025-50055 2025-10-27 CVE-2025-50055 CWE-79 [email protected]

Essential information

Published: 27/10/2025 14:15
Modified: 27/10/2025 14:15
Author: —
Creator: —
CISA KEV: No
CWE: —
CVSS vector

Description

Cross-site scripting (XSS) vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service (ACS) endpoint servers to inject arbitrary web script or HTML via the RelayState parameter

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
openvpn / openvpn access server	`cpe:2.3:a:openvpn:openvpn_access_server:2.14.0-2.14.3:::::::*`

CVE-2025-50055

Essential information

Description

NVD status

Affected products (CPE)

References