Reflected Cross-Site Scripting Vulnerability in Output Messenger by SRI Max
CVE-2025-27921
6.1MEDIUM
What is CVE-2025-27921?
A reflected cross-site scripting (XSS) vulnerability has been identified in Output Messenger, allowing attackers to inject unsanitized input into the web application’s response. This security flaw arises when user-controlled input is reflected back to the client’s browser, posing a risk of executing malicious scripts. Users are advised to upgrade to version 2.0.63 or later to mitigate this issue and ensure the security of their communications.
