Server-Side Request Forgery (SSRF) Vulnerability in SVG Salamander Library

Server-Side Request Forgery (SSRF) Vulnerability in SVG Salamander Library

CVE-2017-5617 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG file.

Learn more about our Web App Pen Testing.