PT-2025-39648
Name of the Vulnerable Software and Affected Versions Todoist version 8484 Description The application does not properly validate the MIME type and sanitize image metadata during avatar uploads, leading to a stored cross-site scripting issue. This allows for the execution of malicious scripts...