Filtered by vendor Srimax
Subscriptions
Filtered by product Output Messenger
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27921 | 1 Srimax | 1 Output Messenger | 2025-06-13 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability was discovered in Output Messenger before 2.0.63, where unsanitized input could be injected into the web application’s response. This vulnerability occurs when user-controlled input is reflected back into the browser without proper sanitization or encoding. | ||||
| CVE-2025-27920 | 1 Srimax | 1 Output Messenger | 2025-05-21 | 7.2 High |
| Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper file path handling. By using ../ sequences in parameters, attackers could access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access. | ||||
Page 1 of 1.