PT-2024-23114 · Google +3 · Google Chrome +3
Name of the Vulnerable Software and Affected Versions:
ZITADEL versions prior to 2.42.17
ZITADEL versions 2.42.17 through 2.48.3

Description:
ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it i...