Hi @stweil,
The image uploader works with web-safe formats like .png. If it were possible to maliciously craft these files to attack the machines of viewers, then the entire web would be unsafe.
It is possible for users to upload e.g. Word documents with macro viruses as submissions, and it’s up to the server administrator to provide antivirus tools, and up to the editor to have something on their own machine. This is part of normal web hygiene and on par with other commonly used file management systems like Dropbox.
Regards,
Alec Smecher
Public Knowledge Project Team