CVE-2021-20103

Summary

Machform prior to version 16 is vulnerable to stored cross-site scripting due to insufficient sanitization of file attachments uploaded with forms through upload.php.

Affected Software

VendorProductVersion RangeStatus
n/aAppNitro MachformAll versions prior to version 16affected

Weaknesses

  • Unauthenticated File Upload

ADP Enrichment

CVE Program Container

Additional References

References