2025-10-24 05:17:23
jpcert
PUBLISHED
Pleasanter contains a stored cross-site scripting vulnerability in Preview for Attachments, which allows an attacker to execute an arbitrary script in a logged-in users web browser.