Pixel & Tonic · Craft Cms · CVE-2017-9516
**Name of the Vulnerable Software and Affected Versions**
Craft CMS versions prior to 2.6.2982
**Description**
The issue allows for a potential XSS attack vector by uploading a malicious SVG file.
**Recommendations**
For versions prior to 2.6.2982, update to version 2.6.2982 or later to resolve the issue.