PT-2021-16899 · Publify · Publify
Name of the Vulnerable Software and Affected Versions: publify versions v8.0 through v9.2.4 Description: The issue is related to stored XSS due to an unrestricted file upload. This allows a user with the publisher role to inject malicious JavaScript via an uploaded html file. Recommendations: For...