2025-12-31 18:40:52
VulnCheck
PUBLISHED
STVS ProVision 5.9.10 contains a cross-site scripting vulnerability in the files POST parameter that allows authenticated attackers to inject arbitrary HTML code. Attackers can exploit the unvalidated input to execute malicious scripts within a users browser session in the context of the affected site.