Lucene search
K

5 matches found

EUVD
EUVD
added 2026/04/13 9:30 p.m.5 views

EUVD-2026-22087

A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function of the file packages/web/src/icons/FontIcon.svelte of the component SVG Icon String Handler. Such manipulation of the argument applicationIcon leads to cross site scripting. The attack may be launch...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References6
OSV
OSV
added 2026/04/13 9:30 p.m.5 views

GHSA-J8J5-7R4H-VJ2G DbGate has cross site scripting via the SVG Icon String Handler component

A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function of the file packages/web/src/icons/FontIcon.svelte of the component SVG Icon String Handler. Such manipulation of the argument applicationIcon leads to cross site scripting. The attack may be launch...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/13 8:15 p.m.7 views

CVE-2026-6216

A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function of the file packages/web/src/icons/FontIcon.svelte of the component SVG Icon String Handler. Such manipulation of the argument applicationIcon leads to cross site scripting. The attack may be launch...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.10 views

PT-2026-32518

A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function of the file packages/web/src/icons/FontIcon.svelte of the component SVG Icon String Handler. Such manipulation of the argument applicationIcon leads to cross site scripting. The attack may be launch...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References7
Snyk
Snyk
added 2026/04/02 7:26 p.m.3 views

Arbitrary Code Injection

Overview dbgate-web is a This package is used internally by DbGate Affected versions of this package are vulnerable to Arbitrary Code Injection through the FontIcon rendering path in packages/web/src/icons/FontIcon.svelte. An attacker can execute arbitrary JavaScript in a victim’s browser, or...

8.2CVSS6.5AI score0.00168EPSS
Exploits0References3
Rows per page
Query Builder