[publify_core] Cross site scripting in publify

Unrestricted file upload allowed the attacker to manipulate the request and bypass the protection of HTML files using a text file. Stored XSS may be obtained.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-1811
https://github.com/publify/publify…