ActionView sanitize helper bypass with 'style' and 'svg' tags
Medium
## Vulnerability Details
rails-html-sanitizer, which Rails Action View's `sanitize` helper also uses, fails to sanitize input when both `svg` and `style`, or both `math` and `style`, are in the allowed tag list. The reason these pairs matter is that a browser parses `<style>` in the HTML namespace as raw text, but inside `<svg>` or `<math>` foreign content it parses the element's children as ordinary markup; with both tags allowed, what the sanitizer treats as inert style text can be re-parsed by the browser as elements.
A vulnerable configuration looks like this:
```ruby
<%= sanitize @comment.body, tags: ["math", "style"] %>
<%# or %>
<%= sanitize @comment.body, tags: ["svg", "style"] %>
```
The security advisory lists the other call sites and configuration points where these allowlists can be set.
View [#2503220](https://hackerone.com/reports/2503220) for details.
## Impact
Sanitizer bypass that leads to XSS in applications that call rails-html-sanitizer directly with one of these allowlists.
It also affects applications that pass such an allowlist to Rails Action View's `sanitize` helper: https://api.rubyonrails.org/v7.2/classes/ActionView/Helpers/SanitizeHelper.html
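As an added example (not code from the report, from rails-html-sanitizer, or from Rails), the following Ruby script audits template and initializer source for allowlists that combine `style` with `svg` or `math`, and produces the hardened list with `style` dropped. The sample lines it scans are constructed here; `audit_source`, `harden_allowlist`, `extract_tags` and their regexes are this example's own and only recognise array literals written on a single line.

```ruby
# Added example, not from the report or from Rails: flag sanitize allowlists
# that combine "style" with "svg" or "math", the pairs the report describes.
require "set"

# Tags that make an allowed "style" dangerous (per the report).
DANGEROUS_PARTNERS = %w[svg math].freeze

# Extract the tag allowlist from one line containing `tags: [...]`,
# `tags: %w[...]`, or `...allowed_tags = [...]`. Returns nil if no literal
# allowlist is present on that line (dynamic or multi-line lists are not seen).
def extract_tags(line)
  if (m = line.match(/(?:tags:|allowed_tags\s*=)\s*%w\[([^\]]*)\]/))
    return m[1].split
  end
  if (m = line.match(/(?:tags:|allowed_tags\s*=)\s*\[([^\]]*)\]/))
    return m[1].scan(/["']([^"']+)["']/).flatten
  end
  nil
end

# True when the allowlist enables the bypass: "style" plus "svg" or "math".
def vulnerable_allowlist?(tags)
  set = tags.map(&:downcase).to_set
  set.include?("style") && DANGEROUS_PARTNERS.any? { |t| set.include?(t) }
end

# Scan source text line by line; returns [{line:, tags:}, ...] for each
# vulnerable allowlist literal found.
def audit_source(source)
  findings = []
  source.each_line.with_index(1) do |line, lineno|
    next unless line =~ /sanitize|allowed_tags/
    tags = extract_tags(line)
    next if tags.nil?
    findings << { line: lineno, tags: tags } if vulnerable_allowlist?(tags)
  end
  findings
end

# Hardened allowlist: drop "style" only when "svg" or "math" is also present,
# leaving unrelated allowlists untouched.
def harden_allowlist(tags)
  return tags unless vulnerable_allowlist?(tags)
  tags.reject { |t| t.casecmp?("style") }
end

# Constructed sample lines (template calls plus one initializer setting),
# not taken from any real application.
SAMPLE_SOURCE = <<~SRC
  <%= sanitize @comment.body, tags: ["math", "style"] %>
  <%= sanitize @comment.body, tags: ["svg", "style"] %>
  <%= sanitize @comment.body, tags: %w[svg style] %>
  <%= sanitize @comment.body, tags: ["p", "b", "style"] %>
  <%= sanitize @post.body %>
  config.action_view.sanitized_allowed_tags = %w[p svg style]
SRC

if __FILE__ == $PROGRAM_NAME
  audit_source(SAMPLE_SOURCE).each do |f|
    puts "line #{f[:line]}: style allowed with #{f[:tags].inspect}; " \
         "hardened: #{harden_allowlist(f[:tags]).inspect}"
  end
end
```

The static scan only sees literal allowlists on a single line; lists built at runtime or spread over several lines must be checked where they are constructed, for example by passing them through `harden_allowlist` before calling `sanitize`. Either way, the real fix is to update rails-html-sanitizer to the release named in the advisory; the allowlist check is a compensating control for templates you cannot change immediately.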
Report Stats
- Report ID: 2931688
- State: Closed
- Substate: resolved
- Upvotes: 3