#html-attachments

#html-attachments

sao executes JavaScript in uploaded HTML documents, exposing session and sensitive data; upgrade sao to the latest version to remediate.