CVE-2021-27902
An issue was discovered in Craft CMS before 3.6.0. In some circumstances, a potential XSS vulnerability existed in connection with front-end forms that accepted user uploads. Date published : 2021-06-30 https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#360—2021-01-26 https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#security-1