Administrators can make HTML-to-PDF conversion more secure when the Chromium-based converter is used by automatically removing potentially malicious HTML tags. To do this, add the following entry in the configuration of the conversion service:
With the above configuration, all <IFRAME>, <EMBED>, and <OBJECT> HTML tags will be removed before conversion, thereby blocking any attempts to exploit security vulnerabilities tied to them.
