Medium severity5.4NVD Advisory· Published Dec 29, 2021· Updated Jun 17, 2026
CVE-2021-25988
CVE-2021-25988
Description
In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability (notifications section) which can be directly triggered by sending an ally request to the admin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ifmeorg/ifmev5Range: 1.0.0
Patches
Vulnerability mechanics
References
2- github.com/ifmeorg/ifme/commit/720a47015e46ad387b3219fed7ebfb14ec3c854cnvdPatchThird Party Advisory
- www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25988nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.