CVE-2021-40191
CVE-2021-40191 affects Dzzoffice 2.02.1 with a cross-site scripting (XSS) flaw caused by insufficient sanitization of input data across all upload functions in webroot/dzz/attach/Uploader.class.php, and a misconstructed output content-type in webroot/dzz/attach/controller.php. The issue is docume...