Security Advisories - PKSA-dkbm-bh96-zk72 - Packagist

PKSA-dkbm-bh96-zk72 Security Advisory

[MEDIUM] Cross-site scripting (XSS) from MIME type auto-detection of uploaded files

PKSA-dkbm-bh96-zk72 CVE-2023-38491 GHSA-8fv7-wq38-f5c9

Affected package: getkirby/cms

Affected version: >=3.9.0,<3.9.6|>=3.8.0,<3.8.4.1|>=3.7.0,<3.7.5.2|>=3.6.0,<3.6.6.3|<3.5.8.3

Reported by:
GitHub