6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
48.8%
Cross-site scripting (XSS) vulnerability in the Trello app before 4.0.8 for iOS might allow remote attackers to inject arbitrary web script or HTML by uploading and attaching a crafted photo to a Card.
hackerone.com/reports/227853