Michal Bentkowski discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML sanitization bypass vulnerability when using the quot;relaxedquot; or a custom config allowing certain elements. Content in a lt;mathgt; or lt;svggt; element may not be sanitized correctly even if math and svg are not in the allowlist.