CVE-2025-61417 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Cross-Site Scripting (XSS) vulnerability exists in TastyIgniter 3.7.7, affecting the /admin/media_manager component. Attackers can upload a malicious SVG file c…
High CVSS: 8.8

CVE-2025-61417

Cross-Site Scripting (XSS) vulnerability exists in TastyIgniter 3.7.7, affecting the /admin/media_manager component. Attackers can upload a malicious SVG file containing JavaScript code. When an administrator previews the file, the code executes in their browser context, allowing the attacker to perform unauthorized actions such as modifying the admin account credentials.
Vendor
Tastyigniter
Product
Tastyigniter
CWE
CWE-79
Yayın Tarihi
2025-10-20 15:15:33
Güncelleme
2025-11-12 17:32:00
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-79 Tastyigniter HIGH Tastyigniter 2025

Referanslar

https://github.com/mg7-x/CVEs/blob/main/CVE-2025-61417/README.md https://github.com/tastyigniter/TastyIgniter