Coursera Plus Annual is 40% Off — Ends July 6.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

SVG - Exploiting Browsers without Image Parsing Bugs

Black Hat via YouTube

Start learning Write review
Scrimba Ad

Free courses from frontend to fullstack and AI

Learn More → Coursera Ad

AI, Data Science & Cloud Certificates from Google, IBM & Meta

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Explore the security implications of SVG in web browsers through this 24-minute Black Hat conference talk. Delve into the lesser-known aspects of SVG, including its ability to contain JavaScript and import external scripts and stylesheets. Understand why treating SVG like a simple image format such as JPEG can lead to significant security vulnerabilities. Learn how SVG's XML-based format for vector graphics, combined with its support for CSS styling and JavaScript manipulation, necessitates treating it with the same security considerations as HTML. Gain insights from speaker Rennie deGraaf on the potential risks and exploits associated with SVG in modern web browsers, and discover why proper security measures are crucial when handling this versatile but potentially dangerous file format.

Syllabus

SVG: Exploiting Browsers without Image Parsing Bugs

Taught by

Black Hat

Reviews

Start your review of SVG - Exploiting Browsers without Image Parsing Bugs

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.