CVE-2023-30791
Published
CVSS v3
7.1
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
Plane version 0.7.1-dev allows an attacker to change the avatar of his profile, which allows uploading files with HTML extension that interprets both HTML and JavaScript.
🔥🔥🔥 Open-source Jira, Linear, Monday, and ClickUp alternative. Plane is a modern project management platform to manage tasks, sprints, docs, and triage.
GitHub