PeerTube is a decentralized video sharing service platform. Peertube has a cross-site scripting vulnerability in versions prior to v3.4.0, which stems from the application’s lack of user input data validation and filtering of the data at the input location, and could be used by an attacker to upload an SVG image and then send the url of the image to execute JavaScript on the client side. code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
peertube peertube | lt | 3.4.0 |