Edupage Cross Site Request Forgery / Spoofing
Non-sanitised submission of malicious SVG files on the Edupage portal in combination with cross site request forgery attacks allows the triggering various actions on behalf of other users, e.g. identity spoofing, sending fake messages, giving fake approvals, etc...