
Comment by cachius

12 hours ago

SVG and CSS filters can leak cross-origin data via iframes from March 6, 2025

Researchers have observed that, in Chrome:

A hostile webpage can create SVG or CSS filters that cover an iframe on the same page and act on the iframe's content.

Specially crafted filters can be created that vary their performance characteristics (different use of memory bandwidth or compute resources) based on input data.

The induced differences in load can, in turn, be used to leak the input data through a timing side channel readable from JavaScript.