8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.9%
A Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious JavaScript code.
truedigitalsecurity.com/services/penetration-testing-services/advisory-summary-2.2022-cve-2021-42940
www.projeqtor.org/en/