4.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.4%
An issue was discovered in Pluck before 4.7.6. There is authenticated stored XSS because the character set for filenames is not properly restricted.
github.com/pluck-cms/pluck/commit/8f6541e60c9435e82e9c531a20cb3c218d36976e
github.com/pluck-cms/pluck/issues/58