Vulnerabilities > Sherlockim

DATE CVE VULNERABILITY TITLE RISK
2021-03-29 CVE-2021-29267 Cross-site Scripting vulnerability in Sherlockim
Sherlock SherlockIM through 2021-03-29 allows Cross Site Scripting (XSS) by leveraging the api/Files/Attachment URI to attack help-desk staff via the chatbot feature.
network
low complexity
sherlockim CWE-79
6.1
6.1