CVE-2021-33495 — Cross-site Scripting in OX APP Suite

Severity

6.1MEDIUMNVD

EPSS

0.4%

top 38.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 22

Latest updateNov 23

Description

OX App Suite 7.10.5 allows XSS via an OX Chat system message.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

GHSA

GHSA-j244-24xw-9prp: OX App Suite 7↗2021-11-23

▶

CVEList

CVE-2021-33495: OX App Suite 7↗2021-11-22

▶