Malicious SVG

[TPS]

Issue Details

There's a report that SVGs are being exploited to run JavaScript payloads.

Proposed solution

It's likely that eventually (some point in the distant future) browsers might consider solving this. Can/should AG find a way to actually do so in a timely manner? After all, SVG are "just" interpreted text, nominally for vector images/animation, but obviously can be abused for more.

https://github.com/AdguardTeam/AdguardForWindows/issues/4444 seems related.

Alternative solution

Wait for some random browsers to get around to a fix whenever?