[HIGH] Cross site scripting vulnerability in Javascript escaping

PKSA-2q9d-8kh9-49wx CVE-2023-28447 GHSA-7j98-h7fp-4vwj

Affected package: smarty/smarty

Affected version: <3.1.48|>=4.0.0,<4.1.1

Reported by:
GitHub, FriendsOfPHP/security-advisories