Emails flagged by member's security team

I'm wondering if anyone has any thoughts/ideas on this. I had a member reach out to me, saying that the email notifications for two recently posted events were flagged by his security team. The event description was mostly the same for the two events (two instances of the same event, hosted in different locations). The event had <h3> headers which also contained emoticons, e.g.:

<h3 id="mcetoc_1j1jmocsa0">[emoticon:3c913c0db7eb4f9face51746da287257] What We Covered</h3>

He said his IT team told him:

"The basis of the detection was the .svg files and our motive was to verify if the files with .svg extension are legitimate or not.
No other details on the email have been flagged as suspicious.
As the .svg files are being shared over emails these days as an attack vector, this instance was highlighted from our side."

I've never had this reported to me before, and I'm not sure if anyone else was impacted by this. The member had his IT team add our emails to their "allow list," but I'm curious if, other than not adding emoticons to posts, anyone else has experienced and addressed this before? Is his security team overly cautious, or is this kind of issue going to happen more and more due to security updates?

I'm currently on 12.1.4.25057 in case that makes a difference. https://sugarclub.sugarcrm.com/engage/c/e/6333 is the event in question, in case anyone wants to see.

Thanks!



Added link to event
[edited by: Alex Nassi at 2:37 PM (GMT 0) on Thu, Aug 14 2025]
    "anyone else has experienced and addressed this before?"

    I am usually aware of issues with e-mail, but they tend to be 'rendering' problems, and also embedding JavaScript is often blocked.

    This does appear to be an attack vector though: https://www.cloudflare.com/en-gb/threat-intelligence/research/report/svgs-the-hackers-canvas/ (an adjacent CVE stating JavaScript can be embedded in SVG: https://nvd.nist.gov/vuln/detail/CVE-2025-28010 ), and on principle I disable sending the content of posts to the user; I only send the title, if anything.

    I mainly do this so I'm not sending the user spam that's been posted onto the site, and with the recent UK Online Safety Act, stopping any illegitimate content before it's sent to the user is paramount anyway.

    I don't know if v13's e-mail studio would give you more granular control over this, but it does appear we need a 'filter' on content sent out that excludes file types.

    I would raise this as a support ticket as I see it as crucial to the platform to give that level of control and security; someone could embed a malicious SVG into the Community, and that could be sent to the user if you're not careful. Though you'll possibly be asked to raise it as an idea instead.
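
The two controls the reply asks for, as an added example that is not part of the thread and is not code from the SugarCRM/SugarClub platform: a scanner that flags SVG files carrying active content (script elements, on* event handlers, javascript: links, external references) before they are accepted or mailed out, and an outbound filter that strips SVG images from notification HTML while leaving other images alone. The sample SVGs and the notification body are constructed for this example (the header is modelled on the <h3> in the original post), and the function and class names are hypothetical.

```python
import html
import re
import xml.etree.ElementTree as ET
from html.parser import HTMLParser

# Constructed samples (not files from the thread). The first SVG carries the kinds
# of active content the Cloudflare report describes; the second is the sort of
# harmless emoticon an <h3> header might reference.
MALICIOUS_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)">
  <script>alert(document.domain)</script>
  <a href="javascript:alert(2)"><text x="0" y="15">click me</text></a>
  <image href="https://tracker.example/p.png" width="1" height="1"/>
</svg>"""

BENIGN_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16">
  <circle cx="8" cy="8" r="7" fill="#fc0"/>
</svg>"""

# Constructed notification body modelled on the <h3> in the original post.
SAMPLE_NOTIFICATION_HTML = (
    '<h3 id="mcetoc_1j1jmocsa0"><img src="/emoticons/3c913c0d.svg" alt=":)"> What We Covered</h3>\n'
    '<p>Slides: <img src="/uploads/photo.png" alt="slide"></p>'
)

ACTIVE_ELEMENTS = {"script", "foreignobject", "iframe", "embed", "object"}


def svg_active_content(data: bytes) -> list[str]:
    """Return the reasons an SVG should be treated as active content (an empty
    list means nothing was found). Malformed XML is reported as a finding so the
    check fails closed. xml.etree is not hardened against entity-expansion
    attacks; in production use defusedxml.ElementTree.fromstring (same signature)."""
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"unparseable XML: {exc}"]
    findings = []
    for el in root.iter():
        tag = el.tag.rsplit("}", 1)[-1].lower()        # strip the namespace prefix
        if tag in ACTIVE_ELEMENTS:
            findings.append(f"<{tag}> element")
        for name, value in el.attrib.items():
            local = name.rsplit("}", 1)[-1].lower()     # also catches xlink:href
            v = value.strip().lower()
            if local.startswith("on"):                  # onload, onclick, ...
                findings.append(f"event handler attribute {local}")
            elif local == "href" and v.startswith("javascript:"):
                findings.append("javascript: URL in href")
            elif local == "href" and re.match(r"(https?:)?//", v):
                findings.append(f"external reference {value}")
    return findings


class SvgImageStripper(HTMLParser):
    """Re-emits the HTML it is fed, dropping every <img> whose src is an SVG
    (by file extension or as a data:image/svg+xml URI). Comments are dropped."""

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out, self.dropped = [], 0

    @staticmethod
    def _is_svg_src(attrs) -> bool:
        src = (dict(attrs).get("src") or "").strip().lower()
        path = src.split("?", 1)[0].split("#", 1)[0]
        return path.endswith(".svg") or src.startswith("data:image/svg")

    def _emit(self, tag, attrs, selfclosing):
        parts = [tag] + [
            name if value is None else f'{name}="{html.escape(value, quote=True)}"'
            for name, value in attrs
        ]
        self.out.append("<" + " ".join(parts) + (" />" if selfclosing else ">"))

    def _tag(self, tag, attrs, selfclosing):
        if tag == "img" and self._is_svg_src(attrs):
            self.dropped += 1                           # filtered out of the mail
            return
        self._emit(tag, attrs, selfclosing)

    def handle_starttag(self, tag, attrs):
        self._tag(tag, attrs, False)

    def handle_startendtag(self, tag, attrs):
        self._tag(tag, attrs, True)

    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append(f"&{name};")

    def handle_charref(self, name):
        self.out.append(f"&#{name};")


def strip_svg_images(notification_html: str) -> tuple[str, int]:
    """Return (filtered HTML, number of SVG images removed)."""
    p = SvgImageStripper()
    p.feed(notification_html)
    p.close()
    return "".join(p.out), p.dropped


if __name__ == "__main__":
    print(svg_active_content(MALICIOUS_SVG), svg_active_content(BENIGN_SVG))
    print(strip_svg_images(SAMPLE_NOTIFICATION_HTML))
```

The scanner belongs at upload time (reject or quarantine any SVG with findings), the stripper at send time; a receiving mail gateway that cannot see the original file has only the extension to go on, which is why a filter on outbound content is more robust than asking each member's IT team to allow-list the sender.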