[CVE-2023-23913] DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements