In the SVG documents section of the Security administration interface, users with the ADMIN role can configure a toggle to prevent privilege escalation attacks.
A privilege escalation attack can occur in the following circumstances:
In the SVG documents section of the Security administration interface, users with the ADMIN role can configure a toggle to prevent privilege escalation attacks.
A privilege escalation attack can occur in the following circumstances:
SVG documents include all unstructured documents, map attachments and resources with the mime type image/svg+xml.
When the toggle is enabled, Fluid Topics does not display scripts in the SVG document directly in the portal. Users who download the SVG document can read the scripts locally on their machines.
Disabling the toggle makes the portal vulnerable to privilege escalation attacks.