4 matches found
CVE-2021-25990
creationtimestamp| type| source ---|---|--- 2021-12-29 12:25:37+00:00| seen| https://t.me/cibsecurity/34720...
CVE-2021-25990
In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe...
CVE-2021-25990
CVE-2021-25990 affects the open-source project ifme (versions v7.22.0–v7.31.4 ). The issue is a self-stored XSS in the contacts field , arising from a lack of checksum filtering of user-supplied data and its output, allowing loading of XSS payloads via an iframe. Documented impact is client-side ...
CVE-2021-25990 ifme - Stored Cross-Site Scripting (XSS) in Contacts section
In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe...