0.001 Low
EPSS
Percentile
37.5%
An issue was discovered in ThinkSAAS 2.91. There is XSS via the content to the index.php?app=group&ac=comment&ts=do&js=1 URI, as demonstrated by a crafted SVG document in the SRC attribute of an EMBED element.
github.com/thinksaas/ThinkSAAS/issues/21