uvdesk / support-center-bundle

Provide your customers with convenience by introducing the Support Center Portal to your UVDesk Community Helpdesk System.
https://www.uvdesk.com
MIT License
34 stars 30 forks source link

Add cross-site scripting checks for uploaded .svg assets #167

Closed vipin-shrivastava closed 2 years ago

vipin-shrivastava commented 2 years ago

1. Why is this change necessary?

Folder Image allowed .svg images which will contain XSS payload, For security purpose hacker can take the information.

2. What does this change do, exactly?

Fixed.

3. Please link to the relevant issues (if any).

https://github.com/uvdesk/core-framework/issues/494