SafeHTML contains a flaw that may allow a malicious user to bypass certain security restrictions. The issue is due to an error in the handling of hexadecimal HTML entities. It is possible that the flaw may allow attackers to bypass the blocking of dangerous content in HTML resulting in a loss of integrity.
Upgrade to version 1.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.