Johndatserakis: >> File-Upload-With-Preview >> 3.1.3 Security Vulnerabilities
This affects the package file-upload-with-preview before 4.2.0. A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file).
CVSS Score
4.2
EPSS Score
0.004
Published
2021-09-05