XSS on using the legacy "Graphie To PNG" API
9 points
6 days ago
| 1 comment
| hackerone.com
| HN
unsnap_biceps
2 days ago
[-]
I had no idea svg files allowed embedded JavaScript. What a great find
reply