XSS Vulnerability in Typesetter 5.1 via SVG File Upload

XSS Vulnerability in Typesetter 5.1 via SVG File Upload

CVE-2018-16625 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

index.php/Admin/Uploaded in Typesetter 5.1 allows XSS via an SVG file with JavaScript in a SCRIPT element.

Learn more about our Web Application Penetration Testing UK.