Explore the security implications of SVG in web browsers through this 24-minute Black Hat conference talk. Delve into the lesser-known aspects of SVG, including its ability to contain JavaScript and import external scripts and stylesheets. Understand why treating SVG like a simple image format such as JPEG can lead to significant security vulnerabilities. Learn how SVG's XML-based format for vector graphics, combined with its support for CSS styling and JavaScript manipulation, necessitates treating it with the same security considerations as HTML. Gain insights from speaker Rennie deGraaf on the potential risks and exploits associated with SVG in modern web browsers, and discover why proper security measures are crucial when handling this versatile but potentially dangerous file format.
SVG - Exploiting Browsers without Image Parsing Bugs
Overview
Syllabus
SVG: Exploiting Browsers without Image Parsing Bugs
Taught by
Black Hat
Related Courses
Related articles
-
900 Free Computer Science Courses from World’s Top 50 Universities
-
150+ Stanford On-Campus Computer Science Courses Available Online
-
5 Best Free Web Development Courses for 2024: Over 900 Hours of Learning
-
100+ Free Courses to Learn JavaScript, React, Node
-
10 Best JavaScript Courses for 2024: Create Interactive Websites
