Arbitrary File Upload XSS Vulnerability in Pryaniki 6.44.3

Arbitrary File Upload XSS Vulnerability in Pryaniki 6.44.3

CVE-2021-3395 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 allows remote authenticated users to upload an arbitrary file. The JavaScript code will execute when someone visits the attachment.

Learn more about our User Device Pen Test.