N/A

CVSS Score

-

CVSS Score

Basic Information

CVE ID

CVE-2025-48378

GHSA ID

GHSA-m4hf-fxcg-cp34

EPSS Score

0.0542%

CWE

CWE-79

Published

5/23/2025

Updated

5/23/2025

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-48378

CVE-2025-48378: DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline

Uploaded SVG files could contain scripts and if rendered inline those scripts could run allowing XSS attacks.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-48378

CVE-2025-48378:

N/A

CVSS Score

-

CVSS Score

Basic Information

CVE ID

CVE-2025-48378

GHSA ID

GHSA-m4hf-fxcg-cp34

EPSS Score

0.0542%

CWE

CWE-79

Published

5/23/2025

Updated

5/23/2025

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
DotNetNuke.Core	nuget	< 9.13.9	9.13.9

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability lies in the insufficient sanitization of SVG files before they are potentially rendered inline. The primary vulnerable function was DotNetNuke.Services.FileSystem.Internal.SecurityCheckers.SvgFileChecker.Validate, which, prior to the patch, used PortalSecurity.Instance.ValidateInput with the NoScripting flag. This method was not robust enough to remove all XSS vectors from SVG files, such as scripts within <script> tags (especially with namespaces) or event handlers like onload or onerror. The patch replaced this with a more direct XML parsing approach that explicitly disallows <script> elements and attributes starting with on. The DotNetNuke.Services.FileSystem.Internal.FileSecurityController.Validate function is also relevant as it's the orchestrator that calls the specific file checker, in this case, the SvgFileChecker.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

N/A

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-48378: DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline

CVE-2025-48378:

N/A

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

N/A

N/A

Basic Information

Basic Information

CVE-2025-48378: DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI