CVE-2020-23037
CVE-2020-23037 affects Portable Ltd Playable v9.18. A code injection vulnerability exists in the filename parameter that allows an attacker to execute arbitrary web scripts or HTML via a crafted POST request. The issue is rooted in the filename handling and, per linked documents, is demonstrated ...