5 matches found
GHSA-W95V-4H65-J455 SiYuan Affected by Zero-Click NTLM Hash Theft and Blind SSRF via Mermaid Diagram Rendering
SiYuan configures Mermaid.js with securityLevel: "loose" and htmlLabels: true. In this mode, tags with src attributes survive Mermaid's internal DOMPurify and land in SVG blocks. The SVG is injected via innerHTML with no secondary sanitization. When a victim opens a note containing a malicious...
Cross-site Scripting (XSS)
@lobehub/cha is vulnerable to a Cross-Site Scripting XSS. The vulnerability is due to unsafe SVG rendering due to SVGRenderer using dangerouslySetInnerHTML for image/svg+xml lobeArtifact content. An attacker can inject malicious SVGs via chat messages...
CVE-2025-61768
KUNO CMS prior to 1.3.15 is affected by an SSRF in the Media module via uploading specially crafted SVGs with external image references. A logged‑in administrator can trigger an outgoing connection to an arbitrary URL, enabling information disclosure or internal network probing. The issue is fixe...
CVE-2025-61768 Kuno CMS Vulnerable to Server-Side Request Forgery (SSRF) via Unsafe SVG Upload
KUNO CMS is a fully deployable full-stack blog application. In versions prior to 1.3.15, an SSRF Server-Side Request Forgery vulnerability exists in the Media module of the Kuno CMS administrative panel. A logged-in administrator can upload a specially crafted SVG file containing an external imag...
EUVD-2025-32294
Malicious code in bioql PyPI...