Lucene search
K

403 matches found

Github Security Blog
Github Security Blog
added 2026/04/10 7:50 p.m.7 views

Ech0 has Stored XSS via SVG Upload and Content-Type Validation Bypass in File Upload

Summary The file upload endpoint validates Content-Type using only the client-supplied multipart header, with no server-side content inspection or file extension validation. Combined with an unauthenticated static file server that determines Content-Type from file extension, this allows an admin ...

5.8AI score
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.6 views

QuickDrop 跨站脚本漏洞

QuickDrop is a self-hosted anonymous file sharing application developed by Rostislav. It supports multipart uploads and encrypted storage. Versions of QuickDrop prior to 1.5.3 had a cross-site scripting vulnerability. This vulnerability stemmed from a storage-related cross-site scripting flaw in...

6.1CVSS5.6AI score0.00187EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 3:30 p.m.4 views

EUVD-2026-16666

The '/api/v1/files/images/flowid/filename' endpoint serves SVG files with the 'image/svg+xml' content type without sanitizing their content. Since SVG files can contain embedded JavaScript, an attacker can upload a malicious SVG that executes arbitrary JavaScript when viewed by other users, leadi...

7CVSS5.9AI score0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/10 5:37 p.m.27 views

CVE-2026-30974 Copyparty volflag `nohtml` did not block javascript in svg files

Copyparty is a portable file server. Prior to v1.20.11., the nohtml config option, intended to prevent execution of JavaScript in user-uploaded HTML files, did not apply to SVG images. A user with write-permission could upload an SVG containing embedded JavaScript, which would execute in the...

4.6CVSS0.00323EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/10 1:20 a.m.2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the nohtml configuration option not applying to SVG files. An attacker can execute arbitrary JavaScript code in the context of the user who opens a malicious SVG by uploading a crafted SVG file containing...

5.4CVSS5.7AI score0.00323EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/05 1:57 a.m.4 views

CVE-2026-26272

HomeBox is a home inventory and organization system. Prior to 0.24.0-rc.1, a stored cross-site scripting XSS vulnerability exists in the item attachment upload functionality. The application does not properly validate or restrict uploaded file types, allowing an authenticated user to upload...

5.4CVSS5.8AI score0.00166EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/04 9:32 p.m.3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Asset Manager upload process. A user with cms.manageassets permission can execute arbitrary scripts in the context of the affected application by uploading specially crafted SVG files. Details Cross-site...

4.8CVSS5.5AI score0.00251EPSS
Exploits0References3
NVD
NVD
added 2026/02/03 7:16 a.m.3 views

CVE-2026-1065

The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.35. This is due to the plugin's default file upload allowlist including SVG files combined with weak substring-based extension validation. This makes it possible fo...

7.2CVSS0.00338EPSS
Exploits0References5
Snyk
Snyk
added 2026/01/21 10:46 p.m.8 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the upload arbitrary files. An attacker can execute arbitrary scripts in the context of another user's browser by uploading malicious HTML or SVG files that are then rendered from the same domain as the...

8.5CVSS6AI score0.00228EPSS
Exploits1References2
NVD
NVD
added 2026/01/21 10:15 p.m.15 views

CVE-2026-23499

Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing Javascript. Depending on the deployment strategy, these...

8.5CVSS0.00228EPSS
Exploits1References7
EUVD
EUVD
added 2026/01/21 9:36 p.m.7 views

EUVD-2026-3775

Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing Javascript. Depending on the deployment strategy, these...

8.5CVSS5.9AI score0.00228EPSS
Exploits1References7
OSV
OSV
added 2026/01/13 11:15 p.m.5 views

CVE-2022-50906

e107 CMS 3.2.1 contains an upload restriction bypass vulnerability that allows authenticated administrators to upload malicious SVG files through the media manager. Attackers with admin privileges can exploit this vulnerability to upload SVG files with embedded cross-site scripting XSS payloads...

4.8CVSS5.9AI score0.00353EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/09 12:10 p.m.6 views

CVE-2018-18823

WolfCMS 0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/filemanager/browse/...

4.8CVSS5.8AI score0.01048EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:16 a.m.6 views

CVE-2025-14842

The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to limited upload of files with a dangerous type in all versions up to, and including, 1.3.9.2. This is due to the plugin not blocking .phar and .svg files. This makes it possible for unauthenticated...

6.1CVSS6.9AI score0.00303EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/07 6:36 a.m.36 views

CVE-2025-14842 Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.9.2 - Unauthenticated Limited Arbitrary File Upload

The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to limited upload of files with a dangerous type in all versions up to, and including, 1.3.9.2. This is due to the plugin not blocking .phar and .svg files. This makes it possible for unauthenticated...

6.1CVSS0.00303EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.5 views

PT-2026-1566

Name of the Vulnerable Software and Affected Versions Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress versions prior to 1.3.9.3 Description The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress allows the upload of potentially dangerous file types,...

6.1CVSS7.7AI score0.00303EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/12/23 12:25 a.m.7 views

CVE-2025-65790

A reflected cross-site scripting XSS vulnerability exists in FuguHub 8.1 when serving SVG files through the /fs/ file manager interface. FuguHub does not sanitize or restrict script execution inside SVG content. When a victim opens a crafted SVG containing an inline...

6.1CVSS5.9AI score0.00218EPSS
Exploits3References1
Cvelist
Cvelist
added 2025/12/22 12:0 a.m.29 views

CVE-2025-65790

A reflected cross-site scripting XSS vulnerability exists in FuguHub 8.1 when serving SVG files through the /fs/ file manager interface. FuguHub does not sanitize or restrict script execution inside SVG content. When a victim opens a crafted SVG containing an inline element, the browser executes...

0.00218EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.3 views

PT-2025-51751

Name of the Vulnerable Software and Affected Versions WebsiteBaker version 2.13.3 Description WebsiteBaker version 2.13.3 has a stored cross-site scripting issue. Authenticated users can upload malicious SVG files containing JavaScript. Uploading crafted SVG files with script tags allows for...

5.4CVSS5.7AI score0.00201EPSS
Exploits1References8
NVD
NVD
added 2025/12/15 9:15 p.m.6 views

CVE-2023-53890

Perch CMS 3.2 contains a stored cross-site scripting vulnerability that allows authenticated users to upload malicious SVG files with embedded JavaScript. Attackers can craft SVG files with script tags that execute when the file is viewed, potentially stealing user session information or performi...

5.4CVSS0.00198EPSS
Exploits1References3
Rows per page
Query Builder