Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

17 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-32031

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00033EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-32019

Malicious code in bioql PyPI...

6.4AI score0.00011EPSS
Exploits2References4
RedhatCVE
RedhatCVEadded 2025/10/02 12:17 a.m.4 views

CVE-2025-56514

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users...

6AI score0.00011EPSS
Exploits2References1
RedhatCVE
RedhatCVEadded 2025/10/02 12:17 a.m.5 views

CVE-2025-56515

File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tags and JavaScript event handlers onmouseover to be uploaded...

8.8CVSS7.4AI score0.00033EPSS
Exploits1References1
Github Security Blog
Github Security Blogadded 2025/10/01 6:30 p.m.4 views

Fiora chat user avatar is vulnerable to XSS via SVG files

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows arbitrary JavaScript execution when malicious SVG files are rendered by other users...

5.4CVSS6.2AI score0.00011EPSS
Exploits2References5Affected Software1
Github Security Blog
Github Security Blogadded 2025/10/01 6:30 p.m.6 views

Fiora chat group avatar is vulnerable to XSS via SVG files

File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tags and JavaScript event handlers onmouseover to be uploaded...

8.8CVSS7.5AI score0.00033EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2025/10/01 6:30 p.m.2 views

GHSA-HG3J-6PMH-MVJR Fiora chat user avatar is vulnerable to XSS via SVG files

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows arbitrary JavaScript execution when malicious SVG files are rendered by other users...

5.1CVSS6.2AI score0.00011EPSS
Exploits2References4
NVD
NVDadded 2025/10/01 4:15 p.m.1 views

CVE-2025-56515

File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tags and JavaScript event handlers onmouseover to be uploaded...

8.8CVSS0.00033EPSS
Exploits1References3
NVD
NVDadded 2025/10/01 4:15 p.m.1 views

CVE-2025-56514

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users...

5.4CVSS0.00011EPSS
Exploits2References3
OSV
OSVadded 2025/10/01 4:15 p.m.0 views

CVE-2025-56514

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users...

5.4CVSS5.9AI score0.00011EPSS
Exploits2References3
CVE
CVEadded 2025/10/01 12:0 a.m.11 views

CVE-2025-56514

A CVE entry for Fiora chat application 1.0.0 (CVE-2025-56514) documents a Cross Site Scripting (XSS) vulnerability arising when malicious SVG files are rendered by other users. Concrete details from connected sources show the vulnerability affects Fiora 1.0.0 and involves uploading or rendering a...

5.4CVSS5.6AI score0.00011EPSS
Exploits2References3Affected Software1
Cvelist
Cvelistadded 2025/10/01 12:0 a.m.5 views

CVE-2025-56514

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users...

0.00011EPSS
Exploits2References3
CVE
CVEadded 2025/10/01 12:0 a.m.12 views

CVE-2025-56515

CVE-2025-56515 affects Fiora chat application 1.0.0. The issue is in the user avatar SVG upload: content is not validated, allowing SVGs with foreignObject, iframe elements and JavaScript event handlers (e.g., onmouseover) to be uploaded and stored. When rendered, these SVGs execute arbitrary Jav...

8.8CVSS7AI score0.00033EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2025/10/01 12:0 a.m.4 views

CVE-2025-56515

File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tags and JavaScript event handlers onmouseover to be uploaded...

0.00033EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2025/10/01 12:0 a.m.2 views

PT-2025-40248

Name of the Vulnerable Software and Affected Versions Fiora chat application version 1.0.0 Description A Cross Site Scripting XSS issue exists in the Fiora chat application. The application allows the execution of arbitrary JavaScript code when malicious SVG files are rendered by other users...

5.1CVSS6AI score0.00011EPSS
Exploits2References7
Vulnrichment
Vulnrichmentadded 2025/10/01 12:0 a.m.1 views

CVE-2025-56515

File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tags and JavaScript event handlers onmouseover to be uploaded...

7AI score0.00033EPSS
Exploits1References3
Packet Storm
Packet Stormadded 2025/10/01 12:0 a.m.190 views

📄 Fiora Chat 1.0.0 Cross Site Scripting

Fiora Chat version 1.0.0 suffers from a cross site scripting vulnerability. CVE-2025-56514: Cross Site Scripting XSS Vulnerability in Fiora Chat Application Overview A Cross Site Scripting XSS vulnerability, identified as CVE-2025-56514, affects the Fiora chat application version 1.0.0. This...

5.4CVSS6.4AI score0.00011EPSS
Exploits2
Rows per page
Query Builder