CVE-2024-42055 Information

Description

Cervantes through 0.5-alpha allows stored XSS.

Reference

https://www.getastra.com/blog/vulnerability/xss-insecure-file-cervantes/ https://www.jinsonvarghese.com/stored-xss-file-upload-vulnerabilities-found-in-cervantes/ https://github.com/CervantesSec/cervantes/commit/78631a034d0fb3323a53fb7428b2022b29a0d2cd