CVE-2023-48903

Stored Cross-Site Scripting (XSS) vulnerability in tramyardg autoexpress 1.3.0, allows remote unauthenticated attackers to inject arbitrary web script or HTML within parameter "imgType" via in uploadCarImages.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt