Easyxdm · Easyxdm · CVE-2023-27739
**Name of the Vulnerable Software and Affected Versions**
easyXDM version 2.5
**Description**
The issue allows for cross-site scripting (XSS) attacks via the `xdm e` parameter. This means an attacker could potentially inject malicious scripts into a website, affecting users who visit the site.
**Recommendations**
For easyXDM version 2.5, consider restricting access to the `xdm e` parameter to minimize the risk of exploitation until a patch is available.