Advisories for Pypi/Python-Lxml package

Incomplete denylist in the lxml.html.clean module in lxml allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.