There is a vulnerability in Rails-HTML-Sanitizer 1.6.0, which is also used by Rails ActionView. The vulnerability allows for bypassing the sanitization process when certain math-related tags, such as "math", "mtext", "table", "style", and "mglyph" or "malignmark", are allowed. This could lead to cross-site scripting (XSS) vulnerabilities in applications using the…Read More
