Security Critical XSS Vulnerability in SVG Formatter The Drupal Security Team announced on March 9th, 2022 a critical cross site scripting (XSS) error in SVG Formatter SA-CONTRIB-20220-028.