GHSA-MCVF-2Q2M-X72M Improper neutralization of data URIs may allow XSS in rails-html-sanitizer
Summary rails-html-sanitizer = 1.0.3, = 2.1.0. Mitigation Upgrade to rails-html-sanitizer = 1.4.4. Severity The maintainers have evaluated this as Medium Severity 6.1. References - CWE - CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' 4.9 - SVG MIME Type...