Luc Lynx discovered that SVG Salamander, a SVG engine for Java was susceptible to server side request forgery.