CVE-2025-10253 | openDCIM 23.04 SVG File /scripts/uploadifive.php Filedata cross site scripting

Inserito da Angelo Barbosa | Set 11, 2025 | CVE

A vulnerability, which was classified as problematic, was found in openDCIM 23.04. This vulnerability affects unknown code of the file /scripts/uploadifive.php of the component SVG File Handler. Such manipulation of the argument Filedata leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-10253. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-10253 | openDCIM 23.04 SVG File /scripts/uploadifive.php Filedata cross site scripting

Post correlati

CVE-2024-7503 | WooCommerce plugin up to 2.7.5 on WordPress improper authentication

CVE-2024-9697 | Social Rocket Plugin up to 1.3.4 on WordPress Setting authorization

CVE-2025-7060 | Monitorr up to 1.7.6m Installer mkdbajax.php datadir input validation

CVE-2024-47587 | SAP Cash Management up to S4CORE 103 Cash Operations authorization