Description
svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document.
Remediation
References
https://github.com/domenic/svg2png/issues/117
Related Vulnerabilities
CVE-2013-5679 Vulnerability in maven package org.owasp.esapi:esapi
CVE-2021-32854 Vulnerability in maven package org.webjars:textangular
CVE-2022-38900 Vulnerability in npm package decode-uri-component
CVE-2022-25916 Vulnerability in npm package mt7688-wiscan
CVE-2019-10240 Vulnerability in maven package org.eclipse.hawkbit:hawkbit-parent