Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-11	CVE-2021-42940	Cross-site Scripting vulnerability in Projeqtor A Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious JavaScript code. network low complexity projeqtor CWE-79 critical	9.9

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.