Unrated severityNVD Advisory· Published Feb 11, 2022· Updated Aug 4, 2024
CVE-2021-42940
CVE-2021-42940
Description
A Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious JavaScript code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- truedigitalsecurity.com/services/penetration-testing-services/advisory-summary-2.2022-cve-2021-42940mitrex_refsource_MISC
- www.projeqtor.org/en/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.