gwtupload is vulnerable to cross-site scripting. An attacker is able to inject and execute malicious script in a user’s browser via the name
parameter of file upload functionality.
CPE | Name | Operator | Version |
---|---|---|---|
gwtupload library | le | 1.0.3 | |
gwtupload library | le | 1.0.3 |