CVE-2020-11887

CVE-2020-11887

svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document.

Source: CVE-2020-11887