Security Advisory

CVE-2021-42940

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-11 15:54:30

Last updated 2024-08-04 03:47:12

Assigner mitre

State PUBLISHED

Description

A Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious JavaScript code.

← Browse all CVEs View on cve.org ↗