An issue exists in Joomla! 4.0.0 up to and including 4.1.0. Possible XSS atack vector through SVG embedding in com_media.
joomla joomla\\!