Cross-Site Scripting (XSS) via SVG Image Upload in ASUSTOR ADM 3.1.1 File Explorer
CVE-2018-12305 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
Cross-site scripting in File Explorer in ASUSTOR ADM version 3.1.1 allows attackers to execute JavaScript by uploading SVG images with embedded JavaScript.
Learn more about our Web Application Penetration Testing UK.