• Alerts
  • Events
  • DCR
    • Explore Cyware Products
    Alerts Events DCR
    Go to listing page

    Stored XSS via SVG Upload in AlegroCart v1.2.9 Exploited Through Content-Type Spoofing

    • Malware and Vulnerabilities
    • April 24, 2025
    • Seclists
    AlegroCart v1.2.9 has been identified with a stored Cross-Site Scripting (XSS) vulnerability. The flaw allows attackers to upload a malicious SVG file containing embedded JavaScript.
    Read More
    • AlegroCart
    • Cross Site Scripting (XSS) Attacks
    Cyware Publisher

    Publisher

    Previous

    Russian Infrastructure Plays Crucial Role in North Kore ...

    Threat Actors

    Next

    Blue Shield of California leaked health data of 4.7 mil ...

    Breaches and Incidents


    RESOURCES
    Cyber Fusion Center Guide
    EVENTS

    News and Updates, Hacker News

    Get in touch with us now!

    1-855-692-9927


    Download Cyware Social App

    Terms of Use Privacy Policy © 2023