Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.33 views

EUVD-2025-32031

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00481EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/10/02 12:17 a.m.19 views

CVE-2025-56515

File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tags and JavaScript event handlers onmouseover to be uploaded...

8.8CVSS7.4AI score0.00481EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2025/10/01 6:30 p.m.12 views

Fiora chat user avatar is vulnerable to XSS via SVG files

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows arbitrary JavaScript execution when malicious SVG files are rendered by other users...

5.4CVSS6.2AI score0.00262EPSS
Exploits2References5Affected Software1
Github Security Blog
Github Security Blog
added 2025/10/01 6:30 p.m.21 views

Fiora chat group avatar is vulnerable to XSS via SVG files

File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tags and JavaScript event handlers onmouseover to be uploaded...

8.8CVSS7.5AI score0.00481EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/10/01 4:15 p.m.33 views

CVE-2025-56514

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users...

5.4CVSS0.00262EPSS
Exploits2References3
Cvelist
Cvelist
added 2025/10/01 12:0 a.m.53 views

CVE-2025-56515

File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tags and JavaScript event handlers onmouseover to be uploaded...

0.00481EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/10/01 12:0 a.m.3 views

CVE-2025-56515

File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tags and JavaScript event handlers onmouseover to be uploaded...

7AI score0.00481EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/10/01 12:0 a.m.27 views

CVE-2025-56514

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users...

0.00262EPSS
Exploits2References3
Rows per page
Query Builder