Description
An issue was discovered in Craft CMS before 3.6.0. In some circumstances, a potential XSS vulnerability existed in connection with front-end forms that accepted user uploads.
Remediation
References
Related Vulnerabilities
WordPress Plugin GDPR Cookie Compliance Security Bypass (4.0.2)
MySQL CVE-2017-3308 Vulnerability (CVE-2017-3308)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0185)
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5104)
WordPress Plugin How to Create an App for Android iPhone Easytouch Arbitrary File Upload (3.0)