CVE-2025-65790

EPSS 0.08% · P24 Updated Dec 23, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-65790

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A reflected cross-site scripting (XSS) vulnerability exists in FuguHub 8.1 when serving SVG files through the /fs/ file manager interface. FuguHub does not sanitize or restrict script execution inside SVG content. When a victim opens a crafted SVG containing an inline <script> element, the browser executes the attacker-controlled JavaScript.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Real Time Logic FuguHub 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Real Time Logic FuguHub是Real Time Logic公司的一款使用 Barracuda Application Server SDK 开发的消费产品。 Real Time Logic FuguHub 8.1版本存在安全漏洞，该漏洞源于/fs/文件管理器接口处理SVG文件时未清理或限制脚本执行，可能导致执行攻击者控制的JavaScript。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2025-65790

#	POC Description	Source Link	Shenlong Link
1	Reflected Cross-Site Scripting (XSS) via SVG Rendering in FuguHub	https://github.com/hunterxxx/FuguHub-8.1-Reflected-SVG-XSS-CVE-2025-65790	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-65790

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2025-65790

Same Patch Batch · n/a · 2025-12-22 · 27 CVEs total

CVE-2025-15004	6.3 MEDIUM	DedeCMS freelist_main.php sql injection
CVE-2025-15005	3.7 LOW	CouchCMS reCAPTCHA config.example.php hard-coded key
CVE-2025-65857		Xiongmai XM530 安全漏洞
CVE-2025-67436		PluXml 安全漏洞
CVE-2025-65856		Xiongmai XM530 安全漏洞
CVE-2025-66736		youlai-boot 安全漏洞
CVE-2025-66735		youlai-boot 安全漏洞
CVE-2025-65817		LSC Smart Connect Indoor IP Camera 安全漏洞
CVE-2024-27708		AIRC MyNET 安全漏洞
CVE-2025-67291		Piranha CMS 安全漏洞
CVE-2025-67290		Piranha CMS 安全漏洞
CVE-2025-65837		PublicCMS 安全漏洞
CVE-2025-67418		ClipBucket 安全漏洞
CVE-2024-25812		AIRC MyNET 安全漏洞
CVE-2024-35321		AIRC MyNET 安全漏洞
CVE-2024-25814		AIRC MyNET 安全漏洞
CVE-2025-67288		Umbraco CMS 安全漏洞
CVE-2025-63662		GT Edge AI 安全漏洞
CVE-2025-63664		GT Edge AI 安全漏洞
CVE-2025-63663		GT Edge AI 安全漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2025-65790

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-65790

I. Basic Information for CVE-2025-65790

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-65790

III. Intelligence Information for CVE-2025-65790

Same Patch Batch · n/a · 2025-12-22 · 27 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-65790

Leave a comment