2025-04-16 12:36:53
CERT-PL
PUBLISHED
A cross-site scripting (XSS) vulnerability in Ready_s File Explorer upload functionality allows injection of arbitrary JavaScript code in filename. Injected content is stored on server and is executed every time a user interacts with the uploaded file.