CVE-2025-10348 | Eveo URVE Smart Office up to 1.1.23 SVG File Parser cross site scripting

Inserito da Angelo Barbosa | Ott 30, 2025 | CVE

A vulnerability was found in Eveo URVE Smart Office up to 1.1.23 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SVG File Parser. Such manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-10348. The attack can be launched remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2025-10348 | Eveo URVE Smart Office up to 1.1.23 SVG File Parser cross site scripting

Post correlati

CVE-2024-37077 | OpenHarmony up to 4.0.1 Pre-installed Apps out-of-bounds write

CVE-2024-50920 | Silicon Labs Z-Wave Series 700/Z-Wave Series 800 7.21.1 Packets permission

CVE-2024-32690 | Fahad Mahmood RSS Feed Widget Plugin up to 2.9.7 on WordPress cross site scripting

CVE-2024-33793 | Netis MEX605 2.00.06 Ping Test Page cross site scripting