CVE-2021-25988

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-25988

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-25988.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-25988

Published

2021-12-29T09:15:09.150Z

Modified

2025-11-14T11:32:13.178687Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability (notifications section) which can be directly triggered by sending an ally request to the admin.

References

Affected packages

Git / github.com/ifmeorg/ifme

Affected ranges

Type: GIT
Repo: https://github.com/ifmeorg/ifme
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

720a47015e46ad387b3219fed7ebfb14ec3c854c

Affected versions

1.*

1.0.0

v.*

v.3.5.0

v.7.31.2

v1.*

v1.0.0

v1.0.1

v1.1.0

v1.2.0

v1.2.1

v1.3.0

v1.3.1

v1.4.0

v1.5.0

v2.*

v2.0.0

v3.*

v3.0.0

v3.0.1

v3.1.0

v3.1.1

v3.2.0

v3.3.0

v3.3.1

v3.4.0

v3.4.1

v3.4.2

v3.5.0

v4.*

v4.0.0

v4.1.0

v4.2.0

v4.3.0

v4.4.0

v5.*

v5.0.0

v5.0.1

v5.1.0

v5.2.0

v5.2.1

v6.*

v6.0.0

v6.0.1

v6.0.2

v6.1.0

v6.1.1

v6.1.2

v6.10.0

v6.10.1

v6.11.0

v6.12.0

v6.13.0

v6.14.0

v6.15.0

v6.16.0

v6.17.0

v6.18.0

v6.19.0

v6.2.0

v6.2.1

v6.3.0

v6.4.0

v6.5.0

v6.5.1

v6.5.2

v6.6.0

v6.7.0

v6.7.1

v6.8.0

v6.9.0

v6.9.1

v7.*

v7.0.0

v7.1.0

v7.10.0

v7.10.1

v7.10.2

v7.10.3

v7.10.4

v7.10.5

v7.10.6

v7.10.7

v7.10.8

v7.10.9

v7.11.0

v7.12.0

v7.12.1

v7.12.2

v7.12.3

v7.12.4

v7.12.5

v7.12.6

v7.12.7

v7.12.8

v7.12.9

v7.13.0

v7.13.1

v7.13.2

v7.13.3

v7.13.4

v7.13.5

v7.13.6

v7.13.7

v7.14.0

v7.14.1

v7.14.2

v7.14.3

v7.15.0

v7.15.1

v7.15.2

v7.15.3

v7.15.4

v7.15.5

v7.16.0

v7.16.1

v7.17.0

v7.18.0

v7.18.1

v7.18.2

v7.19.0

v7.19.1

v7.19.2

v7.19.3

v7.2.0

v7.20.0

v7.20.1

v7.21.0

v7.21.1

v7.22.0

v7.22.1

v7.22.2

v7.22.3

v7.22.4

v7.22.5

v7.23.0

v7.23.1

v7.24.0

v7.24.1

v7.24.2

v7.24.3

v7.24.4

v7.24.5

v7.24.6

v7.24.7

v7.24.8

v7.24.9

v7.25.0

v7.25.1

v7.25.2

v7.25.3

v7.25.4

v7.26.0

v7.26.1

v7.26.2

v7.26.3

v7.27.0

v7.27.1

v7.28.0

v7.29.0

v7.29.1

v7.29.2

v7.29.3

v7.29.4

v7.3.0

v7.30.0

v7.30.1

v7.30.10

v7.30.11

v7.30.12

v7.30.13

v7.30.2

v7.30.3

v7.30.4

v7.30.5

v7.30.6

v7.30.7

v7.30.8

v7.30.9

v7.31.0

v7.31.1

v7.31.2

v7.31.3

v7.31.4

v7.4.0

v7.4.1

v7.5.0

v7.6.0

v7.7.0

v7.7.1

v7.8.0

v7.8.1

v7.8.2

v7.8.3

v7.8.4

v7.8.5

v7.8.6

v7.8.7

v7.8.8

v7.9.0

v7.9.1

v7.9.2

v7.9.3

v7.9.4

v7.9.5

v7.9.6

v7.9.7

v7.9.8

v7.9.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-25988.json"