Inkscape is vulnerable to XXE attacks during rasterization/export of SVG images.
The impact of this vulnerability ranges from denial of service to file disclosure. Under Windows, it can also be used to steal LM/NTLM hashes.
During rasterization, entities declared in the DTD are dereferenced and the content of the target file is included in the output. Command-line used: "inkscape -e xxe-inkscape.png xxe.svg"
- xxe.svg: malicious SVG file to convert
- xxe-inkscape.png: result of the rasterization of xxe.svg
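As an added example (not part of this advisory and not Inkscape code), a Python pre-flight check that flags DOCTYPE and entity declarations in an SVG before it is handed to a rasterizer, so that files which could trigger entity expansion during export are rejected early. The two sample documents and the placeholder path are constructed for the example.

```python
"""Pre-flight check: flag DTD and entity declarations in an SVG before it
reaches a rasterizer. Added example, not Inkscape code."""
import xml.parsers.expat


def scan_svg(data: bytes) -> list:
    """Return a list of findings; an empty list means no DTD-related risk was seen."""
    findings = []
    parser = xml.parsers.expat.ParserCreate()
    # Never fetch external parameter entities (e.g. an external DTD subset).
    parser.SetParamEntityParsing(xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def on_doctype(name, sysid, pubid, has_internal_subset):
        if sysid or pubid:
            findings.append("external DTD reference: %s" % (sysid or pubid))
        if has_internal_subset:
            findings.append("internal DTD subset present")

    def on_entity(name, is_param, value, base, sysid, pubid, notation):
        kind = "parameter" if is_param else "general"
        if sysid is not None or pubid is not None:
            # SYSTEM/PUBLIC entity: a resolving parser would read a file or URL here.
            findings.append("external %s entity '%s' -> %s" % (kind, name, sysid or pubid))
        else:
            findings.append("internal %s entity '%s'" % (kind, name))

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    # No ExternalEntityRefHandler is set, so expat never resolves references itself.
    try:
        parser.Parse(data, True)
    except xml.parsers.expat.ExpatError as exc:
        findings.append("parse error: %s" % exc)
    return findings


# Constructed samples (not from the advisory): a clean SVG and one whose internal
# DTD subset declares an external entity pointing at a placeholder path.
CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><rect width="1" height="1"/></svg>'
ENTITY_SVG = b"""<?xml version="1.0"?>
<!DOCTYPE svg [
  <!ENTITY ext SYSTEM "file:///PLACEHOLDER/not-a-real-path">
]>
<svg xmlns="http://www.w3.org/2000/svg"><text>&ext;</text></svg>
"""

if __name__ == "__main__":
    for label, doc in (("clean", CLEAN_SVG), ("entity", ENTITY_SVG)):
        print(label, scan_svg(doc) or "no findings")
```

Many legitimate SVG exports carry a PUBLIC DOCTYPE pointing at the W3C SVG DTD; a caller may choose to accept that single finding and reject only files that declare entities.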
CWE-827: Improper Control of Document Type Definition