EPSS
Percentile
24.8%
getkirby/kirby is vulnerable to cross-site scripting (XSS). The vulnerability is possible due to incorrect file validation via “site files” Add option while uploading an SVG file.
github.com/security-provensec/CVE-2018-16630/blob/master/Kirby_Insecure%20file%20validation.pdf