[HIGH] Potential XSS vector in Zend_Filter_StripTags when comments allowed

PKSA-pzj8-fsxn-4jj2 GHSA-hx3m-959f-v849

Affected package: zendframework/zendframework1

Affected version: >=1.7.0,<1.7.9|>=1.8.0,<1.8.5|>=1.9.0,<1.9.7

Reported by:
GitHub, FriendsOfPHP/security-advisories