[MEDIUM] SunHater KCFinder cross-site scripting (XSS) vulnerability in upload.php

PKSA-rxbf-qq5y-qy2v CVE-2019-14315 GHSA-vwh5-78jc-hpjx

Affected package: sunhater/kcfinder

Affected version: <=3.20-test2

Reported by:
GitHub