silverstripe-australia/advancedreports is vulnerable to cross-site scripting (XSS). An attacker is able to inject and execute arbitrary Javascript in a user’s browser via a malicious CSV file.
CPE | Name | Operator | Version |
---|---|---|---|
silverstripe-australia/advancedreports | le | 2.3.2 |