Skip to content

1.4.3 / 2022-06-09
Compare
Choose a tag to compare
@flavorjones flavorjones released this 09 Jun 22:33
v1.4.3
f83f08c
This commit was signed with the committer’s verified signature.
flavorjones Mike Dalessio
GPG key ID: 6291CAA755BBD80D
Learn about vigilant mode.

1.4.3 / 2022-06-09

  • Address a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.

    Prevent the combination of select and style as allowed tags in SafeListSanitizer.

    Fixes CVE-2022-32209

    Mike Dalessio

Assets 2