VYPR
Unrated severityNVD Advisory· Published Dec 2, 2021· Updated Sep 16, 2024

Stored XSS Vulnerability in File Name of the File Upload function

CVE-2021-23260

Description

Authenticated users with Site roles may inject XSS scripts via file names that will execute in the browser for this and other users of the same site.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.