CVE-2024-55451
CVE-2024-55451 affects UJCMS 9.6.3. A Stored XSS exists in the authenticated SVG file upload/viewing functionality due to insufficient sanitization of embedded attributes in SVGs. When viewed by other backend users, it can execute arbitrary JavaScript in their browser context, potentially stealin...