User can change svg-files that browser send to server, and can insert own xlink:href object and : 1.Link to local image files, to fingerprint versions of libraries installed on server 2."Billion laughs" attack, possible DoS attack to converter server 3.Try to change protocol to ftp and connect to ftp-servers 4.Try to exploit vulnerabilities like "Imagetragic", or XXE