
Stored XSS via SVG Upload — Hall of Fame
The SVG upload pipeline on Linktree's user-content CDN (ugc.production.linktr.ee) accepted scriptable SVGs without sanitization, so arbitrary JavaScript executed in the linktr.ee origin when the file was accessed directly.
The result was stored XSS in the user-content origin: a session-theft and account-takeover surface against authenticated users. Linktree acknowledged the report via Bugcrowd, and the researcher is credited in the program Hall of Fame.
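
An upload-time check for the class of file described above, as an added example (not Linktree's code or the researcher's). It rejects SVGs that carry active content instead of trying to rewrite them; the deny-lists and the `svg_findings` name are assumptions made for this sketch.

```python
import xml.etree.ElementTree as ET

# Constructed deny-lists for this example (strict reject policy, not a rewriter).
ACTIVE_ELEMENTS = {"script", "foreignobject", "iframe", "embed", "object"}
BLOCKED_URLS = ("javascript:", "vbscript:", "data:text/html", "data:image/svg+xml")
BLOCKED_MARKUP = ("<!doctype", "<!entity", "<?xml-stylesheet")


def _local(name: str) -> str:
    """Drop the '{namespace}' prefix ElementTree adds, and lowercase."""
    return name.rsplit("}", 1)[-1].lower()


def svg_findings(data: bytes) -> list[str]:
    """Return the reasons an uploaded SVG must not be served; [] means none found."""
    try:
        text = data.decode("utf-8")  # one known encoding, so the text checks below hold
    except UnicodeDecodeError:
        return ["not valid UTF-8"]
    # Refuse DTDs (entity expansion) and stylesheet PIs before parsing.
    if any(marker in text.lower() for marker in BLOCKED_MARKUP):
        return ["DOCTYPE, ENTITY or stylesheet declaration"]
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if _local(root.tag) != "svg":
        return ["root element is not <svg>"]
    findings = []
    for el in root.iter():
        tag = _local(el.tag)
        if tag in ACTIVE_ELEMENTS:
            findings.append(f"active element <{tag}>")
        for attr, value in el.attrib.items():
            name = _local(attr)
            if name.startswith("on"):
                findings.append(f"event handler {name} on <{tag}>")
            # Character references are already decoded by the parser; also drop
            # whitespace and control characters, which browsers ignore in a scheme.
            compact = "".join(ch for ch in value if ch > " ").lower()
            if any(url in compact for url in BLOCKED_URLS):
                findings.append(f"scripting URL in {name} on <{tag}>")
    return findings
```

Because the check walks the parsed tree, namespaced attributes such as `xlink:href` and values hidden behind character references are seen in their decoded form.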















