CVE-2023-26146

Name of the Vulnerable Software and Affected Versions ithewei/libhv versions all

Description The issue concerns Cross-site Scripting (XSS) where filenames containing malicious payloads are not properly sanitized when rendered. This occurs when a file with such a name is served by the application.

Recommendations For all versions, consider implementing proper sanitization of filenames to prevent XSS attacks. As a temporary workaround, restrict the ability to upload files with potentially malicious names until a proper fix is applied.