[MEDIUM] rhukster/dom-sanitizer: SVG <style> tag allows CSS injection via unfiltered url() and @import directives

PKSA-x5pq-tgg3-vhtm CVE-2026-40301 GHSA-93vf-569f-22cq

Affected package: rhukster/dom-sanitizer

Affected version: <1.0.10

Reported by:
GitHub