If a target sends a corrupted file, it leads to a reflected XSS.
The problem is fixed in 1.7.6.6
Cross-site Scripting (XSS) - Reflected (CWE-79)
Thanks to Komradz
Impact
If a target sends a corrupted file, it leads to a reflected XSS.
Patches
The problem is fixed in 1.7.6.6
References
Cross-site Scripting (XSS) - Reflected (CWE-79)
Thanks to Komradz