easyXDM 2.5 allows XSS via the xdm_e parameter.
Max CVSS
6.1
EPSS Score
0.05%
Published
2024-01-08
Updated
2024-01-12
Cross-site scripting (XSS) vulnerability in name.html in easyXDM before 2.4.19 allows remote attackers to inject arbitrary web script or HTML via the location.hash value.
Max CVSS
4.3
EPSS Score
0.33%
Published
2014-02-05
Updated
2017-08-29
Cross-site Scripting (XSS) in EasyXDM before 2.4.18 allows remote attackers to inject arbitrary web script or html via the easyxdm.swf file.
Max CVSS
6.1
EPSS Score
0.11%
Published
2020-02-14
Updated
2020-02-24
3 vulnerabilities found