A File upload vulnerability in RiteCMS 3.0 allows a local attacker to upload a SVG file with XSS content.