0.001 Low
EPSS
Percentile
45.2%
Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file.
craftcms.com/changelog#2-6-2982
github.com/craftcms/cms
nvd.nist.gov/vuln/detail/CVE-2017-9516
packetstormsecurity.com/files/142851/Craft-CMS-2.6-Cross-Site-Scripting-File-Upload.html
twitter.com/CraftCMS/status/872599894912937984
www.exploit-db.com/exploits/42143