21Ko

**Name of the Vulnerable Software and Affected Versions** svg2png version 4.1.1 **Description** The issue allows for XSS with resultant SSRF via JavaScript inside an SVG document. This can be exploited when JavaScript code is embedded inside an SVG document. **Recommendations** For svg2png version 4.1.1, consider disabling the processing of JavaScript inside SVG documents until a patch is available. Restrict the upload and processing of SVG files to minimize the risk of exploitation.