GHSA-6XMX-85X3-4CV2 Stored XSS via SVG File Upload
Impact A user with access to the backoffice can upload SVG files that include scripts. If the user can trick another user to load the media directly in a browser, the scripts can be executed. Workaround Implement the server side file validation...