CVE-2025-11655 | Total.js Flow up to 673ef9144dd25d4f4fd4fdfda5af27f230198924 SVG File unrestricted upload

A vulnerability identified as critical has been detected in Total.js Flow up to 673ef9144dd25d4f4fd4fdfda5af27f230198924. The impacted element is an unknown function of the component SVG File Handler. Performing manipulation results in unrestricted upload.

This vulnerability is identified as CVE-2025-11655. The attack can be initiated remotely. Additionally, an exploit exists.

Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More