2019-10-22 20:07:47
hackerone
PUBLISHED
In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.