Количество 2
Количество 2
CVE-2025-61417
Cross-Site Scripting (XSS) vulnerability exists in TastyIgniter 3.7.7, affecting the /admin/media_manager component. Attackers can upload a malicious SVG file containing JavaScript code. When an administrator previews the file, the code executes in their browser context, allowing the attacker to perform unauthorized actions such as modifying the admin account credentials.
GHSA-4vrf-42cm-7xfw
TastyIgniter vulnerable to Cross-Site Scripting
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-61417 Cross-Site Scripting (XSS) vulnerability exists in TastyIgniter 3.7.7, affecting the /admin/media_manager component. Attackers can upload a malicious SVG file containing JavaScript code. When an administrator previews the file, the code executes in their browser context, allowing the attacker to perform unauthorized actions such as modifying the admin account credentials. | CVSS3: 8.8 | 0% Низкий | 4 месяца назад |
| GHSA-4vrf-42cm-7xfw TastyIgniter vulnerable to Cross-Site Scripting | 0% Низкий | 4 месяца назад |
Уязвимостей на страницу