
Internet Bug Bounty: ActionView sanitize helper bypass with style

The rails-html-sanitizer gem, which Rails ActionView also uses, failed to sanitize input when the style tag was allowed, leading to a potential XSS vulnerability. The vulnerability affected version 1.6.0 of the sanitizer and was addressed in version…
