CVE-2021-27902

An issue was discovered in Craft CMS before 3.6.0. In some circumstances, a potential XSS vulnerability existed in connection with front-end forms that accepted user uploads. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt