in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a user’s sensitive information.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Mend
Published: 2021-04-12T13:48:51
Updated: 2024-08-03T20:11:28.489Z
Reserved: 2021-01-22T00:00:00
Link: CVE-2021-25925
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-04-12T14:15:16.303
Modified: 2024-11-21T05:55:37.047
Link: CVE-2021-25925
Redhat
No data.