VYPR
Medium severity5.4NVD Advisory· Published Dec 29, 2021· Updated Jun 17, 2026

CVE-2021-25988

CVE-2021-25988

Description

In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability (notifications section) which can be directly triggered by sending an ally request to the admin.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Ifmeorg/ifmellm-create
    Range: 1.0.0 - 7.31.4
  • ifmeorg/ifmev5
    Range: 1.0.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.