Ifme is an open source mental health experience community that encourages people to share their personal stories with trusted allies. ifme has a cross-site scripting vulnerability in v7.22.0 through v7.31.4, which stems from a lack of data validation filtering of user-supplied data and output in the contact field. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
Ifme Ifme >=v7.22.0,<=v | eq | 7.31.4 |