https://gryfman.fr/tags/file-upload/Recent content in File Upload on gryfmanHugoen-ussussetnoe2004@gmail.com (gryfman)sussetnoe2004@gmail.com (gryfman)Mon, 27 Apr 2026 00:00:01 +0200https://gryfman.fr/cves/cve-2026-41467/Mon, 27 Apr 2026 00:00:01 +0200sussetnoe2004@gmail.com (gryfman)https://gryfman.fr/cves/cve-2026-41467/<h2 id="introduction">Introduction</h2> <p>This post covers another stored XSS vulnerability in ProjeQtOr, this time through file upload.</p> <h1 id="i-already-introduced-projeqtor-and-why-this-kind-of-application-can-contain-sensitive-business-data-in-the-first-article-of-the-series-from-login-to-admin--cve-2026-41462">&laquo;&laquo;&laquo;&lt; HEAD I already introduced ProjeQtOr and why this kind of application can contain sensitive business data in the first article of the series: <a href="https://gryfman.fr/cves/cve-2026-41462/">From login to admin : CVE-2026-41462</a> .</h1> <p>I already introduced ProjeQtOr and why this kind of application can contain sensitive business data in the first article of the series: <a href="https://gryfman.fr/cve/cve-2026-41462/">From login to admin : CVE-2026-41462</a> .</p>