Advisory #43
| Title | transfer.sh cross-site scripting via inline view |
| CVE ID | CVE-2021-33496 |
| Vendor | Dutchcoders |
| Affected product | transfer.sh |
| Affected versions | - 1.2.3 |
| Vulnerability type | CWE-79 (Cross-site Scripting) |
| Description | transfer.sh has a vulnerability that allows cross-site scripting via specially crafted file. |
| Status | Fixed in 1.2.4 |
| Recommendation | Update to 1.2.4 or above. |