CVE-2021-47783

Name of the Vulnerable Software and Affected Versions Phpwcms version 1.9.30

Description The software contains a file upload issue that permits authenticated attackers to upload malicious SVG files containing JavaScript. Attackers can leverage the multiple file upload functionality to upload specially crafted SVG payloads, potentially leading to cross-site scripting attacks on the platform. The vulnerable functionality involves the upload of files.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.