Advisories for Composer/Enshrined/Svg-Sanitize package

savg-sanitizer is a PHP SVG/XML Sanitizer. A bypass has been found in versions prior to 0.16.0 that allows an attacker to upload an SVG with persistent cross-site scripting. HTML elements within CDATA needed to be sanitized correctly, as we were converting them to a textnode and therefore, the library wasn't seeing them as DOM elements. This issue is fixed in version 0.16.0. Any data within a CDATA node will now …

A Cross-site Scripting vulnerability was found in svg-sanitizer.

It is possible to bypass enshrined/svg-sanitize before 0.13.1 using the "xlink:href" attribute due to mishandling of the xlink namespace by the sanitizer.

darylldoyle svg-sanitizer before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript :alert substring.