Source: drupal7 Version: 7.52-2+deb9u6 Severity: grave Tags: security upstream Justification: user security hole
Hi >From https://www.drupal.org/SA-CORE-2019-004 > Description: > > Under certain circumstances the File module/subsystem allows a > malicious user to upload a file that can trigger a cross-site > scripting (XSS) vulnerability. Regards, Salvatore