But yeah, the article isn’t very clear on what it means.
dos I could see via just provoking a ton of same domain requests in the svg, like loading a lot of images from the same domain. Then every user seeing it would take part in dosing that page.
XSS could mean data exfiltration, which should still pass most restrictions currently.
xss not css. css are the style sheets :)
But yeah, the article isn’t very clear on what it means.
dos I could see via just provoking a ton of same domain requests in the svg, like loading a lot of images from the same domain. Then every user seeing it would take part in dosing that page.
XSS could mean data exfiltration, which should still pass most restrictions currently.
deleted by creator