CVE-2019-9948: Avoid file reading as disallowing the unnecessary URL scheme in urllib.urlopen().
Attach a file by drag & drop or click to upload
