EPSS
Percentile
89.6%
It's possible to inject commands via filename and Content-Type.
vulners.com/securityvulns/securityvulns:doc:30041