Arbitrary File Upload XSS Vulnerability in Pryaniki 6.44.3
CVE-2021-3395 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
A cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 allows remote authenticated users to upload an arbitrary file. The JavaScript code will execute when someone visits the attachment.
Learn more about our User Device Pen Test.