|
|
|
|
|
|
by luchs
5089 days ago
|
|
|
>I think a similar exploit was used recently with .svg images - they can contain javascript (being XML) which will be executed by the browser. Not sure about the details however. However, the JavaScript shouldn't execute if the image is embedded via <img>. |
|
|