Inlay

//

Post

Fun parser differential to fallback SVG sanitizer bypass: github.com/freescout-he...

3mo

### Summary Bypasses of the attachment view logic and SVG sanitizer make it possible to upload and render an SVG that runs malicious JavaScript. An extension of `.png` with content type of `imag...

github.com

Stored XSS through SVG file upload with filter bypass

Jorian