CVE-2021-37330
The CVE refers to CVE-2021-37330 affecting Laravel Booking System Booking Core 2.0. The vulnerability is a Cross Site Scripting (XSS) in the Avatar upload on the My Profile page, where uploading a malicious SVG containing Javascript could trigger an XSS when another user/admin views the avatar. D...