Filtered by vendor If-me
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25990 | 1 If-me | 1 Ifme | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe. | |||||
| CVE-2021-25989 | 1 If-me | 1 Ifme | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability in the markdown editor. It can be exploited by making a victim a Leader of a group which triggers the payload for them. | |||||
| CVE-2021-25988 | 1 If-me | 1 Ifme | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability (notifications section) which can be directly triggered by sending an ally request to the admin. | |||||