CVE-2019-14280 - Craftcms Craft CMS
Moderate 5.3
In some circumstances, Craft 2 before 2.7.10 and 3 before 3.2.6 wasn't stripping EXIF data from user-uploaded images when it was configured to do so, potentially exposing personal/geolocation data to the public.
Affected software
Craftcms Craft CMS