CNNVD-202510-051 Information

CNNVD ID

CNNVD-202510-051

Related CVE

CVE-2025-56514

• CNNVD Published: 2025-10-01

Description (Chinese)

Fiora ·是yinxin630个人开发者的一个聊天应用程序。 Fiora 1.0.0版本存在跨站脚本漏洞，该漏洞源于恶意SVG文件渲染时执行任意JavaScript，可能导致跨站脚本攻击。

Description (English)

Fiora is a chat application for yinxin 630 individual developers. The version of Fiora 1.0.0 has a cross-site script loophole, which stems from the implementation of arbitrary JavaScript when malicious SVG documents are rendered, which could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2025-10-01

Last Modified

2026-02-24

References

https://fiora.suisuijiang.com/ https://github.com/Kov404/CVE-2025-56514/tree/main https://github.com/yinxin630/fiora