DEBIAN-CVE-2026-48848

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has insufficient HTML sanitization that could lead to Cascading Style Sheets CSS injection via an SVG document that has an animate element with the attributeName attribute...

CVE-2026-35543

A flaw was found in Roundcube Webmail. A remote attacker could bypass the remote image blocking feature by sending a specially crafted email that includes Scalable Vector Graphics SVG content with animation attributes. This vulnerability may lead to unauthorized information disclosure or an...

CVE-2026-31807

SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer SanitizeSVG blocks dangerous elements , , and removes on event handlers and javascript: in href attributes. However, it does NOT block SVG animation elements , which can dynamically set attributes to dangero...

GHSA-V4HV-RGFQ-GP49 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain...

CVE-2025-66412

CVE-2025-66412 concerns Angular’s Template Compiler, where a stored XSS could occur due to an incomplete security schema that fails to classify certain URL-holding attributes (e.g., javascript: URLs) as requiring strict URL security. The vulnerability allows injection of malicious scripts and is ...

CVE-2025-66412 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...

EUVD-2013-0916

Malware in sbrugna...

EUVD-2011-3012

Malware in sbrugna...

EUVD-2011-2603

Malware in sbrugna...

EUVD-2011-3622

Malware in sbrugna...

EUVD-2024-51500

Malicious code in bioql PyPI...

CVE-2011-2620

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service application crash via vectors involving SVG animation...

The vulnerability of the Views module in Drupal’s SVG animation CMS system allows attackers to perform cross-site scripting attacks.

The vulnerability of the Views module in the Drupal SVG Animation CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVE-2024-13287

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Views SVG Animation allows Cross-Site Scripting XSS.This issue affects Views SVG Animation: from 0.0.0 before 1.0.1...

CVE-2024-13287

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Views SVG Animation allows Cross-Site Scripting XSS.This issue affects Views SVG Animation: from 0.0.0 before 1.0.1...

CVE-2024-13287 Views SVG Animation - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-051

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Views SVG Animation allows Cross-Site Scripting XSS.This issue affects Views SVG Animation: from 0.0.0 before 1.0.1...

CVE-2024-13287 Views SVG Animation - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-051

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Views SVG Animation allows Cross-Site Scripting XSS.This issue affects Views SVG Animation: from 0.0.0 before 1.0.1...

CVE-2024-13287

Summary (CVE-2024-13287): Drupal Views SVG Animation contains an XSS vulnerability due to improper neutralization of input during web page generation. Affected versions are 0.0.0 through 1.0.0; fixed in 1.0.1 and later. The issue is documented in multiple sources (SA-CONTRIB-2024-051, DRUPAL-SA-C...

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Views SVG Animation prior to version 1.0.1, which stems from improper input neutralization during page generation, resulting in a cross-site scriptin...

PT-2025-2102 · Drupal · Drupal Views Svg Animation

Name of the Vulnerable Software and Affected Versions: Drupal Views SVG Animation versions 0.0.0 through 1.0.0 Description: The issue is related to improper neutralization of input during web page generation, which allows Cross-Site Scripting XSS. This can be exploited by a remote attacker to...