Security Advisory

CVE-2023-30791

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-15 18:41:21

Last updated 2024-10-30 15:19:28

Assigner Fluid Attacks

State PUBLISHED

Description

Plane version 0.7.1-dev allows an attacker to change the avatar of his profile, which allows uploading files with HTML extension that interprets both HTML and JavaScript.

← Browse all CVEs View on cve.org ↗