CVE-2021-47844

Name of the Vulnerable Software and Affected Versions Xmind 2020

Description Xmind 2020 is affected by a cross-site scripting issue. This allows attackers to inject malicious payloads into mind mapping files or custom headers. Attackers can create malicious files containing embedded JavaScript that execute system commands when opened. Exploitation can occur through mouse interactions or file opening, potentially leading to remote code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.