CVE-2025-56514 | THREATINT

Description

Cross Site Scripting (XSS) vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users.

PUBLISHED Reserved 2025-08-17 | Published 2025-10-01 | Updated 2025-10-01 | Assigner mitre

References

github.com/yinxin630/fiora

fiora.suisuijiang.com/

github.com/Kov404/CVE-2025-56514/tree/main

cve.org (CVE-2025-56514)

nvd.nist.gov (CVE-2025-56514)

Download JSON