AndroidSVG 1.2.2 Vulnerability: XXE Attacks in SVG Parsing Component Leading to Denial of Service and Remote Code Execution
CVE-2017-1000498 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution
Learn more about our Web Application Penetration Testing UK.