2018-05-21 21:00:00
mitre
PUBLISHED
An issue was discovered in Pluck before 4.7.6. There is authenticated stored XSS because the character set for filenames is not properly restricted.