Cross-Site Scripting (XSS)
serenity.net.services and serenity.net.core are vulnerable to Cross-Site Scripting XSS attacks. The library does not properly check for specific prohibited file types, allowing an attacker to upload malicious .html or .htm files containing XSS payloads...