T Rowley mentioned that this is part of the SVG attack surface and could do with a security review: * <script> element - nsSVGScriptElement.cpp http://lxr.mozilla.org/mozilla/source/content/svg/content/src/nsSVGScriptElement.cpp
So who would do this review? Is it something we should do at this point?
Feel free to reopen if this is going to actually happen.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.