| Description: | Ivan Shmakov discovered that the htmlscrubber component of ikwiki, a wiki compiler, performs insufficient input sanitisation on data:image/svg+xml URIs. As these can contain script code this can be used by an attacker to conduct cross-site scripting attacks. |