Internet Bug Bounty: ActionView sanitize helper bypass with noscript
Description

Rails-html-sanitizer 1.6.0 contained a vulnerability that allowed the sanitization process to be bypassed when the noscript tag was used. This could have led to cross-site scripting (XSS) attacks in applications that used the vulnerable version of the sanitizer, including those using the Rails ActionView's sanitize…
