Zcorpan

**Name of the Vulnerable Software and Affected Versions** svg-sanitizer versions prior to 0.15.0 **Description** A cross-site scripting issue affects the svg-sanitizer library. The problem arises when HTML elements wrapped in a CDATA section are not removed, making SVG content embedded in HTML susceptible to cross-site scripting. However, plain SVG files are not affected. **Recommendations** For versions prior to 0.15.0, update to version 0.15.0 or higher to resolve the issue. At the moment, there is no workaround available without upgrading.