There is no secure way to fix this. The ideal solution is to only allow src-defined SVG files (but from any domain). But this cannot be achieved in CSP's object-src.
As such, this will not be fixed. However, more context was given in the "allow plugins" option for CSP configuration explicitly stating SVG attachments will not render if disabled.
As such, this will not be fixed. However, more context was given in the "allow plugins" option for CSP configuration explicitly stating SVG attachments will not render if disabled.