Magento LTS is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input validation on form fields within File.php
. This allows a low-privileged attacker to inject malicious scripts, resulting in Cross-site Scripting (XSS).