Svg Salamander
Monthly
The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.