Описание
Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "Content>File Uploads" screen. These files can contain JavaScript code and thus lead to Stored XSS.
Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "Content>File Uploads" screen. These files can contain JavaScript code and thus lead to Stored XSS.
EPSS
Процентиль: 43%
0.00206
Низкий
CVE ID
Связанные уязвимости
CVSS3: 5.4
nvd
больше 5 лет назад
Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "Content>File Uploads" screen. These files can contain JavaScript code and thus lead to Stored XSS.
EPSS
Процентиль: 43%
0.00206
Низкий