[LOW] TYPO3-CORE-SA-2026-006: TYPO3 HTML Sanitizer allows Cross-Site Scripting

PKSA-5mxx-9w1m-fqfb CVE-2026-47344 GHSA-jvf5-rxvv-3mcg

Affected package: typo3/html-sanitizer

Affected version: <2.3.2

Reported by:
GitHub, FriendsOfPHP/security-advisories