← Back

Fuguhub

fuguhub

Vendor: Realtimelogic • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-65790
1Realtimelogic
1Fuguhub
Jan 5, 2026
Dec 22, 2025
N/A· v4
6.1 MEDIUM· v3
N/A· v2
A reflected cross-site scripting (XSS) vulnerability exists in FuguHub 8.1 when serving SVG files through the /fs/ file manager interface. FuguHub does not sanitize or restrict script execution inside SVG content. When a...Show more
A reflected cross-site scripting (XSS) vulnerability exists in FuguHub 8.1 when serving SVG files through the /fs/ file manager interface. FuguHub does not sanitize or restrict script execution inside SVG content. When a victim opens a crafted SVG containing an inline <script> element, the browser executes the attacker-controlled JavaScript.Show less
CVE-2023-24078
1Realtimelogic
1Fuguhub
Mar 18, 2025
Feb 17, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.