Svg Xss. That is SVG files can be an interactive document such as HTML and can change depending on pre-programmed actions. Scalable Vector GraphicsSVG is an XML-based vector image format for two-dimensional graphics with support for interactivity and animation.
Here is a compiled list of Cross-Site Scripting XSS payloads 298 in total from various sites.
The loadString function does not escape SVG properly which can be used to inject arbitrary elements into. Viewed 6k times 12 3. Ask Question Asked 4 years 7 months ago. SVG which stands for Scalable Vector Graphics is an XML-based vector image format for two-dimensional graphics with support for interactivity and animation.