Security Advisory

CVE-2025-27921

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-05 00:00:00
Last updated 2025-05-05 15:57:38
Assigner mitre
State PUBLISHED

Description

A reflected cross-site scripting (XSS) vulnerability was discovered in Output Messenger before 2.0.63, where unsanitized input could be injected into the web application’s response. This vulnerability occurs when user-controlled input is reflected back into the browser without proper sanitization or encoding.