SVG XSS in a sandboxed iframe

« Menu

The SVG is served in an iframe which has the sandbox attribute set to prevent scripts from being executed.


Demo created by Robin Wood - DigiNinja