A cross-site scripting (XSS) vulnerability in Ready_'s File Explorer upload functionality allows injection of arbitrary JavaScript code in filename. Injected content is stored on server and is executed every time a user interacts with the uploaded file.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation3 reference(s) from NVD