24 matches found
CVE-2026-46360
phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in SvgSanitizer::decodeAllEntities that limits recursive entity decoding to 5 iterations, allowing attackers to bypass sanitization. Authenticated users with FAQEDIT permission can upload malicious SVG files with deeply...
CVE-2026-34974
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the regex-based SVG sanitizer in phpMyFAQ SvgSanitizer.php can be bypassed using HTML entity encoding in javascript: URLs within SVG attributes. Any user with editfaq permission can upload a malicious SVG that executes...
Vikunja: Stored XSS via Unsanitized SVG Attachment Upload Leads to Token Exposure
Details The application allows users to upload SVG files as task attachments. SVG is an XML-based format that supports JavaScript execution through elements such as tags or event handlers like onload. The application does not sanitize SVG content before storing it. When the uploaded SVG file is...
CVE-2021-47783
Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG payloads through the multiple file upload feature to potentially execute cross-site scripting attacks on the platform...
CVE-2021-47783 Phpwcms 1.9.30 - Arbitrary File Upload
Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG payloads through the multiple file upload feature to potentially execute cross-site scripting attacks on the platform...
CVE-2021-47783 Phpwcms 1.9.30 - Arbitrary File Upload
Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG payloads through the multiple file upload feature to potentially execute cross-site scripting attacks on the platform...
linkding 安全漏洞
linkding is a bookmark manager that can be self-hosted by the individual developer Sascha Ißbrücker. A security vulnerability exists in linkding that stems from the file upload feature in the bookmarks and asset rendering pipeline that allows the upload of malicious SVG files containing JavaScrip...
CVE-2025-14202 Cross-Site Request Forgery (CSRF) Leading to Account Takeover via SVG File Upload
A vulnerability in the file upload at bookmark + asset rendering pipeline allows an attacker to upload a malicious SVG file with JavaScript content. When an authenticated admin user views the SVG file with embedded JavaScript code of shared bookmark, JavaScript executes in the admin’s browser,...
CVE-2023-53925 UliCMS 2023.1 Stored Cross-Site Scripting via SVG File Upload
UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the file management interface that execute arbitrary scripts when viewed by other users...
PT-2025-51966
Name of the Vulnerable Software and Affected Versions PHPFusion version 9.10.30 Description The software contains a stored cross-site scripting issue in the file manager. Attackers can upload malicious SVG files containing embedded JavaScript. These files, when viewed, can execute arbitrary...
CVE-2023-53884
Webedition CMS v2.9.8.8 contains a stored cross-site scripting vulnerability that allows authenticated users to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the media upload feature to inject and execute arbitrary scripts when the file is...
CVE-2023-53903
WebsiteBaker 2.13.3 contains a stored cross-site scripting vulnerability that allows authenticated users to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files with script tags that execute when the file is viewed, enabling persistent cross-site scripting...
EUVD-2023-60187
WebsiteBaker 2.13.3 contains a stored cross-site scripting vulnerability that allows authenticated users to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files with script tags that execute when the file is viewed, enabling persistent cross-site scripting...
PT-2025-51751
Name of the Vulnerable Software and Affected Versions WebsiteBaker version 2.13.3 Description WebsiteBaker version 2.13.3 has a stored cross-site scripting issue. Authenticated users can upload malicious SVG files containing JavaScript. Uploading crafted SVG files with script tags allows for...
CVE-2023-53890
Perch CMS 3.2 contains a stored cross-site scripting vulnerability that allows authenticated users to upload malicious SVG files with embedded JavaScript. Attackers can craft SVG files with script tags that execute when the file is viewed, potentially stealing user session information or performi...
CVE-2025-62418
Bagisto is an open source laravel eCommerce platform. In Bagisto v2.3.7, the TinyMCE image upload functionality allows an attacker with sufficient privileges e.g. admin to upload a crafted SVG file containing embedded JavaScript. When viewed, the malicious code executes in the context of the...
CVE-2025-60454
A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the image management module, specifically in the app\system\img\admin\imgadmin.class.php component. The vulnerability allows attackers to upload malicious SVG files containi...
naughty-images
This repository contains a collection of SVG images that exploit the SVG vulnerability in various browsers, allowing for cross-site scripting XSS attacks. The images are designed to trigger the vulnerability when loaded in a browser, potentially allowing an attacker to execute malicious code on t...
CVE-2020-11887
svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document...
CVE-2024-8673
The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing malicious JavaScript...