CVE-2025-55166 MEDIUM

CVE-2025-55166: svg-sanitizer By-Passing Attribute Sanitization

Vendor Darylldoyle

Product svg-sanitizer

Weakness CWE-79 · XSS

Published August 12, 2025

Last update August 12, 2025

View on NVD All CVEs

CVSS base score

5.1/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

savg-sanitizer is a PHP SVG/XML sanitizer. Prior to version 0.22.0, the sanitization logic in the cleanXlinkHrefs method only searches for lower-case attribute name, which allows to by-pass the isHrefSafeValue check. As a result this allows cross-site scripting or linking to external domains. This issue has been patched in version 0.22.0.

Key dates

02Disclosure timeline

August 12, 2025 CVE published

August 12, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-55166

Related vulnerabilities

04Related CVE

CVE-2025-53692 Sitecore Experience Platform Cross-Site Scripting Vulnerability CVE-2023-49184 WordPress Parallax Slider Block Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS) CVE-2025-9562 Redirection for Contact Form 7 <= 3.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via qs_date Shortcode CVE-2024-47367 WordPress YITH WooCommerce Product Add-Ons plugin <= 4.13.0 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2022-2375 WP Sticky Button < 1.4.1 - Unauthenticated Arbitrary Settings Update to Stored XSS