From ebbda00581a445054e5e599ef58b68d07a537747 Mon Sep 17 00:00:00 2001
From: Shivam7-1 <55046031+Shivam7-1@users.noreply.github.com>
Date: Sat, 28 Dec 2024 20:44:08 +0530
Subject: [PATCH] Update htmlStringImgUrlConverter.js
---
 packages/peregrine/lib/util/htmlStringImgUrlConverter.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/packages/peregrine/lib/util/htmlStringImgUrlConverter.js b/packages/peregrine/lib/util/htmlStringImgUrlConverter.js
index 96779fb97c..26631fa253 100644
--- a/packages/peregrine/lib/util/htmlStringImgUrlConverter.js
+++ b/packages/peregrine/lib/util/htmlStringImgUrlConverter.js
@@ -1,6 +1,6 @@
 import makeUrl from './makeUrl';
 import resolveLinkProps from './resolveLinkProps';
-
+import DOMPurify from 'dompurify';
 /**
 * Modifies html string images to use makeUrl as source and resolves links to use internal path.
 *
@@ -9,7 +9,7 @@ import resolveLinkProps from './resolveLinkProps';
 */
 const htmlStringImgUrlConverter = htmlString => {
 const temporaryElement = document.createElement('div');
- temporaryElement.innerHTML = htmlString;
+ temporaryElement.innerHTML = DOMPurify.sanitize(htmlString);
 for (const imgElement of temporaryElement.getElementsByTagName('img')) {
 imgElement.src = makeUrl(imgElement.src, {
 type: 'image-wysiwyg',
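Review bot: The new `import DOMPurify from 'dompurify';` at the top of the first hunk has no matching manifest change in this patch; the diffstat lists only htmlStringImgUrlConverter.js. Unless `dompurify` is already declared as a dependency of packages/peregrine, the import will resolve only through hoisting from another package, or not at all, so it should be declared in that package's manifest in the same commit. The import also replaces the blank line that separated the imports from the JSDoc block; keep an empty line after the last import.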
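Review bot: In the second hunk the tree is still edited after `DOMPurify.sanitize(htmlString)` has run (the `img` loop rewrites `src`, and the function body continues past the hunk), so whatever the function finally produces is no longer exactly what the sanitizer approved. That is acceptable only while every value written afterwards comes from trusted helpers, which deserves a comment above the assignment, for example `// Sanitize before parsing: htmlString may carry author-supplied markup; only makeUrl/resolveLinkProps output may be written to the tree below.` The call also relies on DOMPurify's default profile, which may drop tags or attributes that existing content depends on, so the options should be stated explicitly once the required set is known. No test accompanies the change; a unit test that passes an `<img>` with an inline event-handler attribute and asserts the attribute is gone while `src` is still rewritten through makeUrl would pin both behaviours.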