EPSS
Percentile
21.4%
Unrestricted file upload allowed the attacker to manipulate the request and bypass the protection of HTML files using a text file. Stored XSS may be obtained.
github.com/publify/publify
github.com/publify/publify/commit/0fb6b027fbaf17f6a6551f2148482a03eac12927
github.com/rubysec/ruby-advisory-db/blob/master/gems/publify_core/CVE-2022-1811.yml
huntr.dev/bounties/4d97f665-c9f1-4c38-b774-692255a7c44c
nvd.nist.gov/vuln/detail/CVE-2022-1811