RoundCube Webmail Cross-site Scripting Vulnerability

RoundCube Webmail contains a cross-site scripting vulnerability via the animate tag in an SVG document...

CVE-2018-21030

Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. Thus, for example, an XSS payload can be placed in an SVG document...

CVE-2022-33994

The Gutenberg plugin through 13.7.3 for WordPress allows stored XSS by the Contributor role via an SVG document to the "Insert from URL" feature. NOTE: the XSS payload does not execute in the context of the WordPress instance's domain; however, analogous attempts by low-privileged users to...

CVE-2019-20376

A cross-site scripting XSS vulnerability in Electronic Logbook ELOG 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c...

CVE-2019-20860

An issue was discovered in Mattermost Server before 5.14.0, 5.13.3, 5.12.6, and 5.9.4. It allows remote attackers to cause a denial of service application hang via a crafted SVG document...

CVE-2024-39126

Roundup before 2.4.0 allows XSS via JavaScript in PDF, XML, and SVG documents...

CVE-2019-16955

SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request...

EUVD-2011-1791

Malware in sbrugna...

EUVD-2010-1430

Malware in sbrugna...

EUVD-2017-2566

Malware in sbrugna...

EUVD-2010-2651

Malware in sbrugna...

EUVD-2016-5348

Malware in sbrugna...

EUVD-2021-13491

Malware in sbrugna...

EUVD-2020-8111

Malware in sbrugna...

EUVD-2017-6182

Malware in sbrugna...

EUVD-2020-29625

Malware in sbrugna...

EUVD-2010-1262

Malware in sbrugna...

EUVD-2015-7471

Malware in sbrugna...

EUVD-2010-4180

Malware in sbrugna...

EUVD-2011-3922

Malware in sbrugna...