Read more at Medium
CVE-2023-33977 Stored XSS Via SVG Upload in kiwitcms/kiwi - by M Nadeem Qazi Description This repository addresses the stored XSS vulnerability discovered in the kiwitcms/kiwi application, which was assigned the CVE-2023-33977 identifier The vulnerability allows for the execution of malicious scripts via SVG file uploads When an SVG file containing the payload is uploaded, th