|
|
|
|
|
|
by nneonneo
340 days ago
|
|
|
Yes, SVGs are XML-based and may be vulnerable to generic XML-based XML external entity (XXE) or exponential entity expansion attacks, but this particular malicious SVG is using SVG-specific features to create the resource exhaustion. |
|
|