5 matches found
CVE-2026-33653 Uploady Vulnerable to Stored Cross-Site Scripting (XSS)
Ulloady is a file uploader script with multi-file upload support. A Stored Cross-Site Scripting XSS vulnerability exists in versions prior to 3.1.2 due to improper sanitization of filenames during the file upload process. An attacker can upload a file with a malicious filename containing JavaScri...
CVE-2026-33653 Uploady Vulnerable to Stored Cross-Site Scripting (XSS)
Ulloady is a file uploader script with multi-file upload support. A Stored Cross-Site Scripting XSS vulnerability exists in versions prior to 3.1.2 due to improper sanitization of filenames during the file upload process. An attacker can upload a file with a malicious filename containing JavaScri...
CVE-2026-33653
Uploady is vulnerable to a stored XSS in versions before 3.1.2 due to improper sanitization of filenames during upload. A malicious filename can execute JavaScript when displayed in the file list or details page. The issue is fixed in version 3.1.2. The available connected documents confirm the a...
Uploady 跨站脚本漏洞
Uploady is a modern secure file upload script developed by Faris AL-Otaibi, designed to support multiple file uploads. Versions of Uploady prior to 3.1.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper filename cleaning during the file upload process, whic...
react-uploady 安全漏洞
react-uploady is an upload component of rpldy open source. A security vulnerability exists in react-uploady v1.8.1, which stems from the lib.createUploader function containing a prototype contamination vulnerability...