15 matches found
Fabric.js improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization
Summary A potential Cross-Site Scripting XSS vulnerability exists in Fabric.js due to improper escaping of user-controlled input during SVG serialization via the toSVG method. Specifically, the color field within the colorStops array of a fabric.Gradient object is not properly escaped when...
Improper Encoding or Escaping of Output
Overview fabric is an Object model for HTML5 canvas, and SVG-to-canvas parser. Backed by jsdom and node-canvas. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the toSVG and getSvgStyles/getSvgSpanStyles paths in the gradient, object, and text SVG...
Improper Encoding or Escaping of Output
Overview org.webjars.npm:fabric is an Object model for HTML5 canvas, and SVG-to-canvas parser. Backed by jsdom and node-canvas. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the toSVG and getSvgStyles/getSvgSpanStyles paths in the gradient, object...
PT-2026-49055
Name of the Vulnerable Software and Affected Versions Fabric.js versions prior to 7.4.0 Description Improper escaping of user-controlled input during SVG serialization via the toSVG method can lead to Cross-Site Scripting XSS. Specifically, the color field within the colorStops array of a...
CVE-2026-27013
Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When...
CVE-2026-27013
Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When...
CVE-2026-27013
Fabric.js prior to 7.2.0 is vulnerable to stored XSS when user-supplied JSON is loaded via loadFromJSON() and later exported to SVG with toSVG(). The issue arises because several SVG attributes (notably id on wrappers and xlink:href values for images and patterns) interpolate user-controlled str...
CVE-2026-27013 Fabric.js Affected by Stored XSS via SVG Export
Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When...
CVE-2026-27013 Fabric.js Affected by Stored XSS via SVG Export
Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When...
CVE-2026-27013 Fabric.js Affected by Stored XSS via SVG Export
Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When...
Fabric.js 安全漏洞
Fabric.js is an open-source JavaScript library developed by Fabric.js. Versions of Fabric.js prior to 7.2.0 contained a security vulnerability. This vulnerability stemmed from improper escaping of user-controlled string values during SVG export, which could lead to storage-based cross-site...
PT-2026-20907
Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When...
Cross-site Scripting (XSS)
Overview org.webjars.npm:fabric is an Object model for HTML5 canvas, and SVG-to-canvas parser. Backed by jsdom and node-canvas. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the loadFromJSON function, which is used in the FabricObjectSVGExportMixin class to...
GHSA-HFVX-25R5-QC3W Fabric.js Affected by Stored XSS via SVG Export
fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When attacker-controlled JSON is loaded via loadFromJSON and later exported via...
Fabric.js Affected by Stored XSS via SVG Export
fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When attacker-controlled JSON is loaded via loadFromJSON and later exported via...