This affects the package file-upload-with-preview prior to 4.2.0. A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
johndatserakis file-upload-with-preview |