diff --git a/src/ngSanitize/sanitize.js b/src/ngSanitize/sanitize.js
index 8d869ba2af45..aed08d101406 100644
--- a/src/ngSanitize/sanitize.js
+++ b/src/ngSanitize/sanitize.js
@@ -242,7 +242,7 @@ var inlineElements = angular.extend({}, optionalEndTagInlineElements, toMap("a,a
// They can potentially allow for arbitrary javascript to be executed. See #11290
var svgElements = toMap("circle,defs,desc,ellipse,font-face,font-face-name,font-face-src,g,glyph," +
"hkern,image,linearGradient,line,marker,metadata,missing-glyph,mpath,path,polygon,polyline," +
- "radialGradient,rect,stop,svg,switch,text,title,tspan,use");
+ "radialGradient,rect,stop,svg,switch,text,title,tspan");
// Blocked Elements (will be stripped)
var blockedElements = toMap("script,style");
diff --git a/test/ngSanitize/sanitizeSpec.js b/test/ngSanitize/sanitizeSpec.js
index 77c9372ea87d..b5c9d33bc0b2 100644
--- a/test/ngSanitize/sanitizeSpec.js
+++ b/test/ngSanitize/sanitizeSpec.js
@@ -292,6 +292,13 @@ describe('HTML', function() {
'',
'');
});
+
+ it('should not accept SVG `use` tags', function() {
+ expectHTML('')
+ .toBeOneOf('',
+ '',
+ '');
+ });
});