CVE-2025-13784 | yungifez Skuul School Management System up to 2.6.5 SVG File edit cross site scripting

Inserito da Angelo Barbosa | Nov 29, 2025 | CVE

A vulnerability classified as problematic has been found in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting.

This vulnerability is tracked as CVE-2025-13784. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13784 | yungifez Skuul School Management System up to 2.6.5 SVG File edit cross site scripting

Post correlati

CVE-2023-49465 | strukturag Libde265 1.0.14 motion.cc derive_spatial_luma_vector_prediction heap-based overflow (Issue 435)

CVE-2024-11122 | 上海灵当信息科技有限公司 Lingdang CRM up to 8.6.4.3 index.php?msgid=1&operation=upload file unrestricted upload

CVE-2025-40037 | Linux Kernel up to 6.12.52/6.17.2 fbdev simplefb_detach_genpds use after free

CVE-2023-49347 | budgie-wpreviews 2.1 temp file