CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-27921

A reflected cross-site scripting (XSS) vulnerability was discovered in Output Messenger before 2.0.63, where unsanitized input could be injected into the web application’s response. This vulnerability occurs when user-controlled input is reflected back into the browser without proper sanitization or encoding.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.1%

CVSS Severity

CVSS v3 Score 6.1

References

https://www.outputmessenger.com/cve-2025-27921/
https://www.srimax.com/products-2/output-messenger/

Products affected by CVE-2025-27921

Srimax » Output Messenger » Version: Any

cpe:2.3:a:srimax:output_messenger:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-27921

Products

Pricing

Contact Us