Vulnerabilities

CVE-2021-25989

by Fred · 29/12/2021

In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability in the markdown editor. It can be exploited by making a victim a Leader of a group which triggers the payload for them.

Date published : 2021-12-29

https://github.com/ifmeorg/ifme/commit/df4986f0721a72779403d21d36c025fe95edffad

https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25989

Similar

Tags: Cybersecurity Alert