Due to improper handling of elements under the contentEditable element, maliciously crafted clipboard content can inject arbitrary HTML tags into the DOM. References: https://github.com/kanboard/kanboard/security/advisories/GHSA-hjmw-gm82-r4gv