CVE-2017-9244

Cross-site scripting (XSS) vulnerability in the Trello app before 4.0.8 for iOS might allow remote attackers to inject arbitrary web script or HTML by uploading and attaching a crafted photo to a Card. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt