PT-2025-15983 · Github +1 · Github Gist +1

Name of the Vulnerable Software and Affected Versions: HedgeDoc versions prior to 1.10.3 Description: The issue arises when a malicious SVG file is uploaded to HedgeDoc, potentially leading to cross-site scripting XSS when the file is opened in a new tab. This is possible due to the exploitation ...