EPSS
Percentile
34.7%
privatebin/privatebin is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject and execute arbitrary Javascript in a user’s browser via the filename of an attachment.
github.com/PrivateBin/PrivateBin/commit/8d0ac336d23cd8c98e71d5f21cdadcae9c8a26e6
github.com/PrivateBin/PrivateBin/issues/554
github.com/PrivateBin/PrivateBin/security/advisories/GHSA-8j72-p2wm-6738
privatebin.info/news/v1.3.2-v1.2.2-release.html