CVE-2026-45346

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.31, there is a Cross-Site Scripting vulnerability in Open WebUI SVG renderer implementation. This vulnerability is fixed in 0.6.31...

Edupage Cross Site Request Forgery / Spoofing

Non-sanitised submission of malicious SVG files on the Edupage portal in combination with cross site request forgery attacks allows the triggering various actions on behalf of other users, e.g. identity spoofing, sending fake messages, giving fake approvals, etc...

CVE-2021-47955

CouchCMS 2.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript by uploading malicious SVG files through the file upload functionality. Attackers can upload SVG files containing embedded script tags to the browse.php endpoint, which...

CVE-2021-47955 CouchCMS 2.2.1 Cross-Site Scripting via SVG File Upload

CouchCMS 2.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript by uploading malicious SVG files through the file upload functionality. Attackers can upload SVG files containing embedded script tags to the browse.php endpoint, which...

CVE-2020-37238 CMS Made Simple 2.2.15 Stored XSS via SVG File Upload

CMS Made Simple 2.2.15 contains a stored cross-site scripting vulnerability that allows authenticated users with Content Manager access to inject malicious scripts through SVG file uploads. Attackers can upload SVG files containing embedded JavaScript to the file manager, which executes when othe...

CVE-2020-37238

CMS Made Simple 2.2.15 contains a stored cross-site scripting vulnerability that allows authenticated users with Content Manager access to inject malicious scripts through SVG file uploads. Attackers can upload SVG files containing embedded JavaScript to the file manager, which executes when othe...

OPENSUSE-SU-2026:20759-1 Security update for emacs

This update for emacs fixes the following issue: - CVE-2026-6861: memory corruption when processing specially crafted SVG CSS data bsc1262611. - Build with tree-sitter-0.26.8 security update bsc1262007...

CouchCMS 跨站脚本漏洞

CouchCMS is an open-source content management system designed for designers. Version 2.2.1 of CouchCMS has a cross-site scripting vulnerability. This vulnerability stems from cross-site scripting issues, allowing authenticated attackers to upload malicious SVG files through the file upload featur...

PT-2026-41438

CMS Made Simple 2.2.15 contains a stored cross-site scripting vulnerability that allows authenticated users with Content Manager access to inject malicious scripts through SVG file uploads. Attackers can upload SVG files containing embedded JavaScript to the file manager, which executes when othe...

CVE-2026-45346

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.31, there is a Cross-Site Scripting vulnerability in Open WebUI SVG renderer implementation. This vulnerability is fixed in 0.6.31...

CVE-2026-4054

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 Fail to validate the response body of proxied images, which allows a remote attacker to enact client-side DoS via an SVG file served from an attacker-controlled origin under a non-SVG Content-Type header e.g. image/png...

CVE-2026-46360 phpMyFAQ - Stored XSS via Entity Decoding Depth Limit Bypass in SVG Sanitizer

phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in SvgSanitizer::decodeAllEntities that limits recursive entity decoding to 5 iterations, allowing attackers to bypass sanitization. Authenticated users with FAQEDIT permission can upload malicious SVG files with deeply...

CVE-2026-46360 phpMyFAQ - Stored XSS via Entity Decoding Depth Limit Bypass in SVG Sanitizer

phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in SvgSanitizer::decodeAllEntities that limits recursive entity decoding to 5 iterations, allowing attackers to bypass sanitization. Authenticated users with FAQEDIT permission can upload malicious SVG files with deeply...

CVE-2026-4054

Mattermost disclosure CVE-2026-4054 affects Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, and 11.4.x

CVE-2026-4054 SVG content served through Mattermost image proxy despite Content-Type restrictions causes client-side denial of service

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 Fail to validate the response body of proxied images, which allows a remote attacker to enact client-side DoS via an SVG file served from an attacker-controlled origin under a non-SVG Content-Type header e.g. image/png...

CVE-2026-6210

A flaw was found in Qt SVG. A remote attacker could exploit a vulnerability by providing a specially crafted SVG image. This issue arises from incorrect handling of SVG marker references, where the software misinterprets data types, leading to memory access errors and an infinite loop. This can...

Cross-Site Scripting (XSS)

github.com/siyuan-note/siyuan is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to incomplete SVG sanitization and improper handling of user-controlled input in the /api/icon/getDynamicIcon endpoint, which allows an attacker to inject malicious SVG content and execute JavaScript...

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multilingual, database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.2 had a cross-site scripting vulnerability. This vulnerability stemmed from a recursive entity decoding limit of 5 times in SvgSanitizer::decodeAllEntities, allowing users with...

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.6.31 contained security vulnerabilities, which were caused by cross-site scripting vulnerabilities in the SVG renderer implementation...

PT-2026-41339

CouchCMS 2.2.1 contains a server-side request forgery vulnerability that allows authenticated attackers to make arbitrary HTTP requests by uploading malicious SVG files. Attackers can upload SVG files containing external entity references through the browse.php endpoint to access internal service...