PixelVault allows SVG uploads and serves them with image/svg+xml on the same origin. Upload a malicious SVG file containing a script tag that executes when the file is viewed directly, stealing the gallery_session cookie.
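The condition described above (user SVGs served as image/svg+xml from the application's own origin) is normally closed on the server side. The following is an added example, not PixelVault's code: a Python upload check that rejects SVGs carrying active content, together with response headers that stop a missed file from running script in the application's origin. All function and constant names are hypothetical, and the sample inputs are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Hypothetical names throughout; this is not PixelVault's code.
ACTIVE_ELEMENTS = {"script", "foreignobject", "iframe", "object", "embed"}

# Served with every user upload: 'sandbox' gives the document an opaque origin
# with scripting off, and 'attachment' stops inline rendering on direct view.
UPLOAD_HEADERS = {
    "Content-Type": "image/svg+xml",
    "Content-Disposition": "attachment",
    "Content-Security-Policy": "default-src 'none'; style-src 'unsafe-inline'; sandbox",
    "X-Content-Type-Options": "nosniff",
}

def _local(name: str) -> str:
    """Drop the '{namespace}' prefix ElementTree adds to tag and attribute names."""
    return name.rsplit("}", 1)[-1].lower()

def svg_findings(data: bytes) -> list:
    """Return reasons to reject an uploaded SVG; an empty list means none found."""
    try:
        text = data.decode("utf-8")  # one encoding only, so checks and parser agree
    except UnicodeDecodeError:
        return ["not UTF-8"]
    if re.search(r"<!(DOCTYPE|ENTITY)", text, re.I):
        return ["DTD or entity declaration"]  # rejected before parsing
    try:
        root = ET.fromstring(text)
    except ET.ParseError:
        return ["not well-formed XML"]
    findings = [] if _local(root.tag) == "svg" else ["root element is not svg"]
    for el in root.iter():
        tag = _local(el.tag)
        if tag in ACTIVE_ELEMENTS:
            findings.append(f"active element <{tag}>")
        for attr, value in el.attrib.items():
            if _local(attr).startswith("on"):
                findings.append(f"event handler {_local(attr)} on <{tag}>")
            if "javascript:" in re.sub(r"\s", "", value).lower():
                findings.append(f"javascript: URL in {_local(attr)} on <{tag}>")
    return findings

# Constructed samples: a plain image and one carrying an inert script element.
CLEAN = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="4"/></svg>'
ACTIVE = b'<svg xmlns="http://www.w3.org/2000/svg" onload="void 0"><script>/* inert */</script></svg>'

if __name__ == "__main__":
    for name, sample in (("clean", CLEAN), ("active", ACTIVE)):
        print(name, svg_findings(sample))
```

Marking gallery_session as HttpOnly and serving uploads from a separate origin complement this check, since either one keeps the cookie out of reach of a file that slips through.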