CVE-2023-23956

A user can supply malicious HTML and JavaScript code that will be executed in the client browser