CVE-2021-27564: XSS
First published: Mon Feb 22 2021(Updated: )
A stored XSS issue exists in Appspace 6.2.4. After a user is authenticated and enters an XSS payload under the groups section of the network tab, it is stored as the group name. Whenever another member visits that group, this payload executes.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Appspace Appspace | =6.2.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-27564?
CVE-2021-27564 is a stored XSS vulnerability that exists in Appspace 6.2.4.
How does CVE-2021-27564 work?
After a user is authenticated and enters an XSS payload under the groups section of the network tab, it is stored as the group name. Whenever another member visits that group, this payload executes.
What is the severity level of CVE-2021-27564?
CVE-2021-27564 has a severity level of medium.
How can I fix CVE-2021-27564?
To fix CVE-2021-27564, update Appspace to version 6.2.5 or later.
Is there any additional information available about CVE-2021-27564?
Yes, you can find more information about CVE-2021-27564 at the following reference: https://github.com/viperbluff/Appspace-Ver-6.2.4-Stored-Xss
- collector/nvd-index
- vendor/appspace
- canonical/appspace appspace
- version/appspace appspace/6.2.4