← back
CVE-2021-27902

CVE-2021-27902

EPSS 1.0%
An issue was discovered in Craft CMS before 3.6.0. In some circumstances, a potential XSS vulnerability existed in connection with front-end forms that accepted user uploads.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#360---2021-01-26https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#security-1https://github.com/craftcms/cms/commit/8ee85a8f03c143fa2420e7d6f311d95cae3b19ce