CVE-2021-32853

Name of the Vulnerable Software and Affected Versions Erxes versions 0.22.3 and prior

Description Erxes, an experience operating system (XOS) with a set of plugins, is vulnerable to cross-site scripting. This results in client-side code execution. The victim must follow a malicious link or be redirected there from a malicious web site.

Recommendations For versions 0.22.3 and prior, there is no information about a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to potentially malicious links to minimize the risk of exploitation. Avoid using the system until a patch is available.