VYPR
Medium severity5.4NVD Advisory· Published Dec 29, 2021· Updated Jun 17, 2026

CVE-2021-25990

CVE-2021-25990

Description

In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Ifmeorg/ifmellm-create
    Range: v7.22.0 to v7.31.4
  • ifmeorg/ifmev5
    Range: v7.22.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.