CVE-2021-25647
CVE-2021-25647 is a medium-severity vulnerability rated 5.4/10 on the CVSS scale. Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field, causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly or using the mobile application. EPSS estimates a 0.75% chance of exploitation in the next 30 days.
Description
Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly or using the mobile application.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Testes-Codigo | Testes De Codigo | <= 11.3 |
Source: NVD / NIST
