Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/16 4:9 p.m.10 views

CVE-2025-47778

Sulu is an open-source PHP content management system based on the Symfony framework. Starting in versions 2.5.21, 2.6.5, and 3.0.0-alpha1, an admin user can upload SVG which may load external data via XML DOM library. This can be used for insecure XML External Entity References. The problem has...

8.6CVSS7AI score0.00391EPSS
Exploits0References1
Circl
Circl
added 2025/05/14 6:31 p.m.4 views

CVE-2025-47778

creationtimestamp| type| source ---|---|--- 2025-05-14 18:31:54+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16358...

8.6CVSS4.8AI score0.00391EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/14 3:29 p.m.9 views

CVE-2025-47778 Sulu vulnerable to XXE in SVG File upload Inspector

Sulu is an open-source PHP content management system based on the Symfony framework. Starting in versions 2.5.21, 2.6.5, and 3.0.0-alpha1, an admin user can upload SVG which may load external data via XML DOM library. This can be used for insecure XML External Entity References. The problem has...

8.6CVSS6.6AI score0.00391EPSS
Exploits0References3
CVE
CVE
added 2025/05/14 3:29 p.m.48 views

CVE-2025-47778

CVE-2025-47778 affects Sulu (2.5.21, 2.6.5, 3.0.0-alpha1). An admin user can upload SVGs that are parsed with XML DOM, enabling XML External Entity (XXE) references. Root cause: SVG processing loads external data via the XML DOM library. Impacts include potential data exposure and integrity conce...

8.6CVSS6.7AI score0.00391EPSS
Exploits0References3
Rows per page
Query Builder