privatebin is vulnerable to cross-site scripting. No sanitization in handling Attachment before sending for preview in SVG in AttachmentViewer allows malicious script execution in instance context.
CPE | Name | Operator | Version |
---|---|---|---|
privatebin/privatebin | le | 1.3.6 | |
privatebin/privatebin | le | 1.3.6 |