Cervantes version Alpha 0.5 and below were found to be vulnerable to Stored XSS at multiple places, in addition to being vulnerable to Insecure File Uploads that could be used for HTML Injection attacks. CVE-2024-42054CVE-2024-42055 Summary...
Jinson Varghese Behanan
Cybersecurity Researcher and Ethical Hacker
Specializing in Vulnerability Assessment