Description
Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file.
Remediation
References
Related Vulnerabilities
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-27903)
WordPress 4.2.x Cross-Site Scripting Vulnerability (4.2 - 4.2.5)
Vulnerable package dependencies [high]
Squid Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9749)
WordPress Plugin WP REST API (WP API) Information Disclosure (1.2)