CVE-2025-11027 | givanz Vvveb up to 1.0.7.2 SVG File cross site scripting

A vulnerability, which was classified as problematic, was found in givanz Vvveb up to 1.0.7.2. Affected by this issue is some unknown functionality of the component SVG File Handler. Such manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-11027. The attack may be launched remotely. Furthermore, there is an exploit available.

Once again the project maintainer reacted very professional: “I accept the existence of these vulnerabilities. (…) I fixed the code to remove these vulnerabilities and will push the code to github and make a new release.”VulDB Recent EntriesRead More