Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F5041649
evilsvgfile.svg
vijaykumarcmeseo (Vijay Kumar)
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Authored By
•
vijaykumarcmeseo
Jul 11 2017, 7:27 AM
2017-07-11 07:27:04 (UTC+0)
Size
421 B
Referenced Files
None
Subscribers
None
evilsvgfile.svg
View Options
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">
<polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/>
<script type="text/javascript">
alert('This app is probably vulnerable to XSS attacks!');
</script>
</svg>
File Metadata
Details
Attached
Mime Type
image/svg+xml
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
711780
Default Alt Text
evilsvgfile.svg (421 B)
Attached To
Mode
Z1336: General Chat
Attached
Detach File
Event Timeline
•
vijaykumarcmeseo
added a comment.
Jul 11 2017, 7:30 AM
2017-07-11 07:30:55 (UTC+0)
Comment Actions
<script>alert(xss)</script>
Log In to Comment