Vulnerability Summary
Stored Cross-Site Scripting via SVG File Upload Filter Bypass
Due to a severe misconfiguration in how the platform's sanitization layer processes URI schemes within SVG documents, an attacker is able to upload a crafted SVG file that, once stored server-side and rendered inline for any user who opens the shared conversation, silently executes arbitrary JavaScript under the platform's origin — with full access to session cookies, tokens, and DOM context.
Censorship Note: All data (domains, paths, URIs, and variables) have been strictly anonymized using entirely fictional nomenclature (e.g., redactedchat.net). This report documents an indirect execution of arbitrary JavaScript within a simulated environment to guarantee 100% privacy for the original enterprise.
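One way to implement the URI-scheme check that a sanitization layer for uploaded SVG needs, as an added example that is not the platform's code or part of the original report: it parses the document first, normalizes each `href`/`src` value the way a browser URL parser does, and applies a scheme allowlist. The function names, the http/https-only policy, the UTF-8 input assumption and the sample documents are all assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

ALLOWED_SCHEMES = {"http", "https"}   # assumed policy: every other scheme is rejected
SCHEME_RE = re.compile(r"^([A-Za-z][A-Za-z0-9+.\-]*):")
STRIP_CHARS = "".join(chr(c) for c in range(0x21))   # C0 controls and space

def normalized_scheme(value):
    """Return the lower-cased scheme as a browser URL parser would see it, or None."""
    v = re.sub(r"[\t\n\r]", "", value.strip(STRIP_CHARS))  # browsers drop these
    m = SCHEME_RE.match(v)
    return m.group(1).lower() if m else None   # None: relative or fragment reference

def local_name(name):
    # ElementTree spells namespaced names as "{uri}local"; keep only the local part.
    return name.rsplit("}", 1)[-1].lower()

def find_violations(svg_bytes):
    """List the reasons an uploaded SVG (UTF-8 bytes) must be refused; [] means none."""
    upper = svg_bytes.upper()
    if b"<!DOCTYPE" in upper or b"<!ENTITY" in upper:
        return ["doctype/entity declarations are not accepted"]
    try:
        root = ET.fromstring(svg_bytes)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    problems = []
    for el in root.iter():
        tag = local_name(el.tag)
        if tag == "script":
            problems.append("<script> element")
        for attr, value in el.attrib.items():
            name = local_name(attr)
            if name.startswith("on"):
                problems.append(f"event handler {name} on <{tag}>")
            if name in ("href", "src"):   # covers both href and xlink:href
                scheme = normalized_scheme(value)
                if scheme is not None and scheme not in ALLOWED_SCHEMES:
                    problems.append(f"{name} on <{tag}> uses scheme {scheme!r}")
    return problems

# Constructed sample inputs (not taken from the report).
SAMPLE_OK = (b'<svg xmlns="http://www.w3.org/2000/svg">'
             b'<a href="https://redactedchat.net/help"><text>help</text></a></svg>')
SAMPLE_BAD = (b'<svg xmlns="http://www.w3.org/2000/svg" '
              b'xmlns:xlink="http://www.w3.org/1999/xlink">'
              b'<a xlink:href=" JaVa&#9;Script:void(0)"><text>x</text></a></svg>')
if __name__ == "__main__":
    print(find_violations(SAMPLE_OK), find_violations(SAMPLE_BAD))
```

The check runs on parsed attribute values, so character references, mixed case and embedded whitespace are resolved before the allowlist is applied; a complete SVG sanitizer also needs an element and attribute allowlist.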