XXE vulnerability - SVG text extractor

A PDF of the solution can be found in this repository:

PDF of solution

For this challenge, I first explored the website a little.

I searched up SVG text and obtained the following code:

Clearly, SVG files use XML. Therefore, we can try an XXE attack. I changed the above code to be the following:

Through this, I was able to get the flag.