CVE-2021-3318

CVE-2021-3318

attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter.

Source: CVE-2021-3318