CVE-2021-43829

Name of the Vulnerable Software and Affected Versions: PatrOwl versions prior to 1.7.7

Description: The issue affects PatrOwl, a free and open-source solution for orchestrating Security Operations. In affected versions, PatrowlManager handles upload files in the findings import feature without proper restrictions. This allows for the upload of dangerous file types to the server, potentially leading to XSS attacks and other forms of code injection.

Recommendations: For versions prior to 1.7.7, update to version 1.7.7 as soon as possible to resolve the issue. At the moment, there is no information about other workarounds for this issue.