CVE-2026-25558 | QloApps QloApps/within SVG files uploaded up to 1.7.0 SVG File cross site scripting

Inserito da Angelo Barbosa | Giu 8, 2026 | CVE

A vulnerability marked as problematic has been reported in QloApps QloApps and within SVG files uploaded up to 1.7.0. This impacts an unknown function of the component SVG File Handler. The manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2026-25558. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-25558 | QloApps QloApps/within SVG files uploaded up to 1.7.0 SVG File cross site scripting

Post correlati

CVE-2024-23360 | Qualcomm Snapdragon Compute up to WSA8845H GPU Register access control

CVE-2024-33153 | J2EEFAST 2.7.0 commentList sql_filter sql injection

CVE-2024-34997 | joblib 1.4.2 NumpyArrayWrapper.read_array deserialization (Issue 1582)

CVE-2025-4043 | Milesight UG65-868M-EA prior 60.0.0.46 System Boot /etc/rc.local improper access control for volatile memory containing boot code (icsa-25-126-02)