Lucene search

19 matches found

Veracode
added 2026/03/09 7:33 a.m., 4 views

Stored Cross-Site Scripting (XSS)

Open WebUI is vulnerable to Stored Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization of Markdown content in the Notes PDF export functionality, allowing attackers to embed malicious SVG tags that execute arbitrary JavaScript when the note is downloaded as a PDF,...

CVSS 8.7, AI score 6, EPSS 0.00028
Exploits: 1, References: 2, Affected Software: 2
OSV
added 2026/03/05 4:04 p.m., 1 view

USN-8077-1 python-bleach vulnerabilities

It was discovered that Bleach did not properly sanitize URI attributes containing character entities. An attacker could possibly use this issue to construct a URI with a disallowed scheme that would bypass sanitization, leading to cross-site scripting. This issue only affected Ubuntu 18.04 LTS...

CVSS 9.8, AI score 5.4, EPSS 0.00581
Exploits: 4, References: 6
Snyk
added 2025/12/04 10:03 p.m., 2 views

Cross-site Scripting (XSS)

Overview: open-webui is an Open WebUI. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the downloadPdf function of the Notes feature. An attacker can execute arbitrary JavaScript code and steal session tokens by importing a specially crafted Markdown file containing...

CVSS 8.7, AI score 5.3, EPSS 0.00028
Exploits: 1, References: 3
EUVD
added 2025/12/04 10:03 p.m., 2 views

EUVD-2025-201263

Open WebUI Vulnerable to Stored DOM XSS via Note 'Download PDF'...

CVSS 8.7, AI score 5.5, EPSS 0.00028
Exploits: 1, References: 4
CVE
added 2025/12/04 8:46 p.m., 7 views

CVE-2025-65959

CVE-2025-65959 concerns a stored XSS in Open WebUI's Notes PDF download feature. The vulnerability arises when HTML content from a Markdown note is assigned directly to innerHTML during PDF generation, enabling arbitrary JavaScript execution (e.g., SVG-based payloads) and session-token theft. Exp...

CVSS 8.7, AI score 6.4, EPSS 0.00028
Exploits: 1, References: 2, Affected Software: 1
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-0055

Malware in sbrugna...

CVSS 6.1, AI score 7.6, EPSS 0.00419
Exploits: 1, References: 12
EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2022-5936

Malicious code in bioql PyPI...

CVSS 9.8, AI score 9.4, EPSS 0.00729
Exploits: 1, References: 6
RedhatCVE
added 2025/05/23 4:02 a.m., 4 views

CVE-2023-36828

Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the sanitize function. Versio...

CVSS 5.5, AI score 6.1, EPSS 0.00299
Exploits: 1, References: 1
NVD
added 2022/12/22 8:15 p.m., 9 views

CVE-2022-34473

The HTML Sanitizer should have sanitized the href attribute of SVG use tags; however it incorrectly did not sanitize xlink:href attributes. This vulnerability affects Firefox 102...

CVSS 6.1, EPSS 0.00439
Exploits: 0, References: 2
Prion
added 2022/12/22 8:15 p.m., 12 views

Design/Logic Flaw

The HTML Sanitizer should have sanitized the href attribute of SVG use tags; however it incorrectly did not sanitize xlink:href attributes. This vulnerability affects Firefox 102...

CVSS 5.8, AI score 6.8, EPSS 0.00439
Exploits: 0, References: 2, Affected Software: 1
Debian CVE
added 2022/12/22 12:00 a.m., 23 views

CVE-2022-34473

The HTML Sanitizer should have sanitized the href attribute of SVG use tags; however it incorrectly did not sanitize xlink:href attributes. This vulnerability affects Firefox 102...

CVSS 6.1, AI score 8.1, EPSS 0.00439
Exploits: 0
UbuntuCve
added 2022/07/05 12:00 a.m., 26 views

CVE-2022-34475

SVG use tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed. This vulnerability affects...

CVSS 6.1, AI score 6.8, EPSS 0.00679
Exploits: 0, References: 3
Veracode
added 2022/06/13 5:39 a.m., 20 views

Directory Traversal

convert-svg-core is vulnerable to directory traversal. The vulnerability exists in Converter.js because the SVG tags are not properly sanitized, which allows an attacker to access file directories via a specially crafted SVG file...

CVSS 9.8, AI score 8.7, EPSS 0.00729
Exploits: 1, References: 4, Affected Software: 1
NVD
added 2022/06/10 8:15 p.m., 10 views

CVE-2022-24278

The package convert-svg-core before 0.6.4 is vulnerable to Directory Traversal due to improper sanitization of SVG tags. Exploiting this vulnerability is possible by using a specially crafted SVG file...

CVSS 9.8, EPSS 0.00729
Exploits: 1, References: 4
OSV
added 2022/06/10 8:15 p.m., 10 views

CVE-2022-24278

The package convert-svg-core before 0.6.4 is vulnerable to Directory Traversal due to improper sanitization of SVG tags. Exploiting this vulnerability is possible by using a specially crafted SVG file...

CVSS 9.8, AI score 9.4
Exploits: 0, References: 4
Prion
added 2022/06/10 8:15 p.m., 14 views

Directory traversal

The package convert-svg-core before 0.6.4 is vulnerable to Directory Traversal due to improper sanitization of SVG tags. Exploiting this vulnerability is possible by using a specially crafted SVG file...

CVSS 7.5, AI score 9.3, EPSS 0.00729
Exploits: 1, References: 4, Affected Software: 1
Cvelist
added 2022/06/10 8:05 p.m., 11 views

CVE-2022-24278 Directory Traversal

The package convert-svg-core before 0.6.4 is vulnerable to Directory Traversal due to improper sanitization of SVG tags. Exploiting this vulnerability is possible by using a specially crafted SVG file...

CVSS 7.5, AI score 9.6, EPSS 0.00729
Exploits: 1, References: 4
OSV
added 2020/03/24 10:15 p.m., 1 view

PYSEC-2020-28

In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False...

CVSS 6.1, AI score 6.8, EPSS 0.00419
Exploits: 1, References: 4
Check Point Advisories
added 2015/07/12 12:00 a.m., 1 view

Google Chrome XSSAuditor Policy ByPass

A policy bypass vulnerability exists in Google Chrome. The vulnerability is due to improper handling of script tags within svg tags. A remote attacker can exploit this vulnerability by enticing a user to follow a crafted URL. Successful exploitation will result in bypassing the XSSAuditor feature...

AI score 1
Exploits: 0