PT-2022-7453 · Unknown+5 · Rails-Html-Sanitizer+5

0B5Cur17Y · Published 2022-12-13 · Updated 2026-03-13 · CVE-2022-23519

CVSS v3.1: 7.2 High
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: rails-html-sanitizer versions prior to 1.4.4
Description: The issue is a possible XSS vulnerability in certain configurations of Rails::Html::Sanitizer. It may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to include both the "math" and "style" elements, or both the "svg" and "style" elements. The allowed tags can be overridden in several ways: through application configuration, through the :tags option of the Action View helper sanitize, through the Rails::Html::SafeListSanitizer class method allowed_tags=, or through the :tags option of the Rails::Html::SafeListSanitizer instance method sanitize. Only code whose overridden allowed tags contain one of these combinations is affected.
Recommendations: For versions prior to 1.4.4, either upgrade to version 1.4.4 or apply the following workaround: remove "style" from the overridden allowed tags, or remove "math" and "svg" from the overridden allowed tags.
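The check below is an added example, not code from this advisory or from the rails-html-sanitizer project. It audits an application's overridden allowed-tag list for the two combinations the advisory names ("math" with "style", "svg" with "style"), applies either workaround, and gates on the fixed gem version. The sample tag list and the function names are constructed for illustration; the real override would be passed to `sanitize(html, tags: ...)` or assigned via `Rails::Html::SafeListSanitizer.allowed_tags=` as the description states.

```ruby
# Added example: audit an overridden safe-list for CVE-2022-23519 and apply the
# advisory's workarounds. Pure Ruby; does not load the rails-html-sanitizer gem.
require 'set'

# The tag combinations the advisory identifies as risky when both are allowed.
RISKY_COMBINATIONS = [
  %w[math style],
  %w[svg style],
].freeze

# Returns the risky combinations present in the given allowed tags.
# Tags may be Strings or Symbols; comparison is case-insensitive.
def risky_combinations(allowed_tags)
  tags = allowed_tags.map { |t| t.to_s.downcase }.to_set
  RISKY_COMBINATIONS.select { |combo| combo.all? { |t| tags.include?(t) } }
end

# True when the override contains at least one of the risky combinations.
def affected_configuration?(allowed_tags)
  !risky_combinations(allowed_tags).empty?
end

# Workaround 1 from the advisory: drop "style" from the overridden list.
def without_style(allowed_tags)
  allowed_tags.reject { |t| t.to_s.casecmp?('style') }
end

# Workaround 2 from the advisory: drop "math" and "svg", keeping "style".
def without_math_and_svg(allowed_tags)
  allowed_tags.reject { |t| %w[math svg].include?(t.to_s.downcase) }
end

# Version gate: rails-html-sanitizer 1.4.4 is the first fixed release.
def fixed_version?(version_string)
  Gem::Version.new(version_string) >= Gem::Version.new('1.4.4')
end

if __FILE__ == $PROGRAM_NAME
  # Constructed example of an application override (hypothetical tag list).
  overridden = %w[p a math style]
  puts "affected: #{affected_configuration?(overridden)}"  # => true
  puts "fixed:    #{without_style(overridden).inspect}"     # => ["p", "a", "math"]
  puts "gem ok:   #{fixed_version?('1.4.3')}"               # => false
end
```

Run the audit against every place the application sets tags (configuration, helper calls, class-level assignment); an override that contains "style" without "math" or "svg" is reported as not affected, matching the advisory's scope.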

Exploit · Fix · XSS

Related Identifiers

ALT-PU-2023-1337
ALT-PU-2023-4269
ALT-PU-2024-7815
BDU:2024-06512
CVE-2022-23519
DLA-3566-1
DLA-3902-1
GHSA-9H9G-93GC-623H
OPENSUSE-SU-2023_3714-1
OPENSUSE-SU-2024:12769-1
OPENSUSE-SU-2024:14175-1
OPENSUSE-SU-2025:15125-1
OPENSUSE-SU-2026:10361-1
RHSA-2023:2097
RLSA-2023:2097
SUSE-SU-2023:3534-1
SUSE-SU-2023:3714-1

Affected Products

Alt Linux
Astra Linux
Red Os
Rocky Linux
Suse
Rails-Html-Sanitizer