CVE-2025-13415 | icret EasyImages up to 2.8.6 SVG Image /app/upload.php File cross site scripting (Issue 260)

Inserito da Angelo Barbosa | Nov 19, 2025 | CVE

A vulnerability was found in icret EasyImages up to 2.8.6. It has been classified as problematic. This affects an unknown part of the file /app/upload.php of the component SVG Image Handler. The manipulation of the argument File leads to cross site scripting.

This vulnerability is traded as CVE-2025-13415. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-13415 | icret EasyImages up to 2.8.6 SVG Image /app/upload.php File cross site scripting (Issue 260)

Post correlati

CVE-2025-11549 | Tenda W12 3.0.0.6(3948) HTTP Request /goform/modules wifiMacFilterSet mac stack-based overflow

CVE-2024-4894 | ITPison OMICARD EDM up to 5.x URL Parameter server-side request forgery

CVE-2024-9312 | Canonical Authd up to 0.3.5 User ID incorrect user management

CVE-2025-31207 | Apple iOS/iPadOS up to 18.4 information disclosure