diff --git a/framework/Mime_Viewer/lib/Horde/Mime/Viewer/Images.php b/framework/Mime_Viewer/lib/Horde/Mime/Viewer/Images.php index 3cc074cbd71..83ef1a5195e 100644 --- a/framework/Mime_Viewer/lib/Horde/Mime/Viewer/Images.php +++ b/framework/Mime_Viewer/lib/Horde/Mime/Viewer/Images.php @@ -72,6 +72,9 @@ protected function _getType() /* image/x-png == image/png. */ return 'image/png'; + case 'image/svg+xml': + return 'application/octet-stream'; + default: return $type; } diff --git a/framework/Mime_Viewer/package.xml b/framework/Mime_Viewer/package.xml index 65cf41b74c0..8ccd23a4f5d 100644 --- a/framework/Mime_Viewer/package.xml +++ b/framework/Mime_Viewer/package.xml @@ -21,7 +21,7 @@ LGPL-2.1 -* +* [jan] SECURITY: Don't render SVG images in the browser to avoid XSS attacks (Reported by Dawid Gounski via Beyond Security's SecuriTeam Secure Disclosure program). @@ -1105,7 +1105,7 @@ 2016-07-28 LGPL-2.1 -* +* [jan] SECURITY: Don't render SVG images in the browser to avoid XSS attacks (Reported by Dawid Gounski via Beyond Security's SecuriTeam Secure Disclosure program).
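Review bot: The new `case 'image/svg+xml':` branch in `_getType()` is an exact-match denylist entry, so its protection depends on `$type` already being lower-cased and stripped of parameters before the `switch`, which starts outside this hunk; any other spelling falls through to `default:` and is returned unchanged. If that normalisation is not guaranteed upstream, an allowlist of the raster types this viewer is meant to display inline, with everything else mapped to `application/octet-stream`, would fail closed. The branch also lacks a comment, unlike the `image/x-png` case above it; something like `/* SVG can contain script: never serve it under a type the browser renders inline (XSS). */` would keep a later cleanup from removing it. Returning `application/octet-stream` only helps if the download path does not let the browser guess the type, so it is worth confirming that the response also carries `X-Content-Type-Options: nosniff` and `Content-Disposition: attachment`, neither of which is visible here.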