Security Advisory

CVE-2021-47716

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-23 19:35:40

Last updated 2026-04-07 14:05:39

Assigner VulnCheck

State PUBLISHED

Description

Orangescrum 1.8.0 contains multiple cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through various input parameters. Attackers can exploit parameters like projid, CS_message, and name to execute arbitrary JavaScript code in victims browsers by submitting crafted payloads through application endpoints.

← Browse all CVEs View on cve.org ↗