Apache: >> Skywalking >> 10.0.0 Security Vulnerabilities
The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL.
This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0.
Users are recommended to upgrade to version 10.4.0, which fixes the issue.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-04-15
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache SkyWalking.
This issue affects Apache SkyWalking: <= 10.2.0.
Users are recommended to upgrade to version 10.3.0, which fixes the issue.
CVSS Score
6.1
EPSS Score
0.004
Published
2025-11-27