6 matches found
CVE-2024-13141
A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotel...
CVE-2024-13141
A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotel...
CVE-2024-13141
creationtimestamp| type| source ---|---|--- 2025-01-05 14:38:41+00:00| seen| https://infosec.exchange/users/cve/statuses/113776257997595115 2025-01-05 15:15:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3leyvxorzav2o 2025-01-05 15:38:11+00:00|...
CVE-2024-13141 osuuu LightPicture SVG File Upload upload cross site scripting
A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotel...
CVE-2024-13141
LightPicture (osuuu) up to v1.2.2 is affected by a cross-site scripting vulnerability in /api/upload of the SVG File Upload Handler, caused by unsanitized handling of the uploaded file parameter. The issue can be exploited remotely and has been publicly disclosed. The PT-2025-2027 entry recommend...
CVE-2024-13141 osuuu LightPicture SVG File Upload upload cross site scripting
A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotel...