An issue exists in AjaXplorer 4.2.3, allows malicious users to cause cross site scripting vulnerabilities via a crafted svg file upload.
ajaxplorer ajaxplorer 4.2.3