easyXDM 2.5 allows XSS via the xdm_e parameter.
Max CVSS
6.1
EPSS Score
0.05%
Published
2024-01-08
Updated
2024-01-12
Cross-site Scripting (XSS) in EasyXDM before 2.4.18 allows remote attackers to inject arbitrary web script or html via the easyxdm.swf file.
Max CVSS
6.1
EPSS Score
0.11%
Published
2020-02-14
Updated
2020-02-24
2 vulnerabilities found