Output Messenger

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-27921 MEDIUM This Month

A reflected cross-site scripting (XSS) vulnerability was discovered in Output Messenger before 2.0.63, where unsanitized input could be injected into the web application’s response. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Output Messenger
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-27920 HIGH KEV THREAT Act Now

Output Messenger before 2.0.63 contains a directory traversal vulnerability enabling attackers to access files outside the intended directory through path manipulation in parameters.

Path Traversal Output Messenger
NVD
CVSS 3.1
7.2
EPSS
52.0%
CVE-2025-27921
EPSS 0% CVSS 6.1
MEDIUM This Month

A reflected cross-site scripting (XSS) vulnerability was discovered in Output Messenger before 2.0.63, where unsanitized input could be injected into the web application’s response. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Output Messenger
NVD
CVE-2025-27920
EPSS 52% CVSS 7.2
HIGH KEV THREAT Act Now

Output Messenger before 2.0.63 contains a directory traversal vulnerability enabling attackers to access files outside the intended directory through path manipulation in parameters.

Path Traversal Output Messenger
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy