EPSS Percentile: 30.5%
PrivateBin is vulnerable to cross-site scripting. AttachmentViewer does not sanitize an attachment before passing it to the SVG preview, which allows malicious script to execute in the context of the instance.
github.com/PrivateBin/PrivateBin/commit/2a4d572c1e9eb9b608d32b0cc0cb3b6c3b684eab
github.com/PrivateBin/PrivateBin/pull/906
github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvw