Количество 2
Количество 2
CVE-2023-30791
Plane version 0.7.1-dev allows an attacker to change the avatar of his profile, which allows uploading files with HTML extension that interprets both HTML and JavaScript.
GHSA-fjvj-rr24-chm8
Plane version 0.7.1-dev allows an attacker to change the avatar of his profile, which allows uploading files with HTML extension that interprets both HTML and JavaScript.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-30791 Plane version 0.7.1-dev allows an attacker to change the avatar of his profile, which allows uploading files with HTML extension that interprets both HTML and JavaScript. | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
| GHSA-fjvj-rr24-chm8 Plane version 0.7.1-dev allows an attacker to change the avatar of his profile, which allows uploading files with HTML extension that interprets both HTML and JavaScript. | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу