2098 matches found
CVE-2026-49971
Laravel-Mediable before 7.0.0 has a stored XSS in SVG file uploads. Both authenticated and anonymous users can upload unsanitized SVG files containing scripts (onload handlers, script tags, or foreignObject) which can store persistent XSS payloads. When victims view or preview the SVG, the payloa...
WordPress Mapplic <= 6.1 / Mapplic Lite <= 1.0 - Authenticated Stored XSS via SVG File Upload
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Stored Cross-Site Scripting via arbitrary URL injection in versions up to and including 6.1 and 1.0 respectively. Authenticated users with author-level permissions can inject arbitrary remote URLs for SVG map files. When a user...
CVE-2026-55466 Snipe-IT: Stored XSS via inline-served attachment
Snipe-IT is an IT asset/license management system. Prior to 8.6.2, UploadFileRequest sanitizes SVG content only when PHP finfo reports image/svg+xml and UploadedFilesController serves attachments inline without using StorageHelper::allowSafeInline, allowing a low-privilege user to upload active...
CVE-2026-61456
The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...
CVE-2026-61456
Grav API plugin (getgrav/grav-plugin-api) before 1.0.3 is vulnerable to stored XSS via SVG uploads. The HandlesMediaUploads::processUploadedFile() path only validates file extension and does not call Security::sanitizeSVG(), enabling an authenticated attacker with api.media.write to upload an SVG...
EUVD-2026-42905
The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...
CVE-2026-15321
CVE-2026-15321 (MyEMS Admin Backend) affects myems-api/core/svg.py, function on_post, in MyEMS
CVE-2026-53962
Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, insufficient SVG sanitization in upload and user avatar handling could lead to cross-site scripting when a user visited specific URLs that are not normally part of community browsing. This issue ...
PT-2026-56999
Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.6.0 Discourse versions prior to 2026.5.1 Discourse versions prior to 2026.4.2 Discourse versions prior to 2026.1.5 Description Insufficient SVG sanitization during the handling of uploads and user avatars can...
CVE-2025-71385 Netdata < 2.3.1 - Reflected Cross-Site Scripting via love Parameter in ilove.svg Endpoint
Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document into a text element without HTML or XML escaping, and serves the response with Content-Type image/svg+xml. An attacker can craft a U...
CVE-2025-71385
Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document into a text element without HTML or XML escaping, and serves the response with Content-Type image/svg+xml. An attacker can craft a U...
CVE-2026-55577
A flaw was found in ImageMagick, free and open-source software for editing and manipulating digital images. A heap buffer overflow occurs in the MVG Magick Vector Graphics decoder when processing a specially crafted image. This vulnerability could allow an attacker to cause an out-of-bounds write...
CVE-2026-55594
A flaw was found in ImageMagick, free and open-source software for editing and manipulating digital images. A missing depth check in the MVG Magick Vector Graphics decoder can lead to a stack overflow when a remote attacker provides a specially crafted image. This vulnerability could result in a...
CVE-2026-55594 ImageMagick: Stack Overflow in MVG decoder due to missing depth check.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder will result in a stack overflow when a crafted image is provided. This issue has been fixed in versions 6.9.13-51 and...
CVE-2026-58038 Stored XSS through javascript URLs in SVGs generated by EasyTimeline
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl. This issue affects timeline: from before 1.46.0, 1.45.4,...
PT-2026-54833
Name of the Vulnerable Software and Affected Versions MCO version 25.3.3.1 Description The software is subject to Stored Cross-Site Scripting XSS, a flaw where malicious scripts are permanently stored on the target server. This occurs through the application logo upload functionality, allowing an...
Linux Distros Unpatched Vulnerability : CVE-2026-14013
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium...
DEBIAN-CVE-2026-14013
Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13793
Insufficient policy enforcement in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-13793
Insufficient policy enforcement in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...