2 matches found
CVE-2018-16625
index.php/Admin/Uploaded in Typesetter 5.1 allows XSS via an SVG file with JavaScript in a SCRIPT element...
CVE-2018-16625
CVE-2018-16625 affects Typesetter 5.1: index.php/Admin/Uploaded allows XSS via an SVG file containing JavaScript in a SCRIPT element. Root cause: improper handling of SVG content enabling script execution, resulting in cross-site scripting. Impact is described as XSS; specifics on exploitation, a...