phpok 6.4.003 contains a Cross Site Scripting (XSS) vulnerability in the okf() method under the framework/api/uploadcontrol.php file.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38953.json",
"cna_assigner": "mitre"
}