CVE-2021-33494 — Cross-site Scripting in OX APP Suite
Severity
6.1MEDIUMNVD
EPSS
0.4%
top 39.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 22
Latest updateNov 23
Description
OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7