CVE-2025-63830 – CKFinder SVG XSS

CVE ID : CVE-2025-63830

Published : Nov. 14, 2025, 6:15 p.m. | 45 minutes ago

Description : CKFinder 1.4.3 is vulnerable to Cross Site Scripting (XSS) in the File Upload function. An attacker can upload a crafted SVG containing active content.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…