CVE-2021-23439

Summary

This affects the package file-upload-with-preview before 4.2.0. A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file).

Affected Software

VendorProductVersion RangeStatus
n/afile-upload-with-previewunspecified < 4.2.0affected

Weaknesses

  • Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References