Bugfix
Vulnerability CVE-2023-34623 is reported against JTidy. In tl:GanttChartExporter, the library is used completely superfluously - broken HTML is generated first and then parsed via JTidy. Better: Produce well-formed HTML immediately and read it directly via XML parser.
Solution
HTML structure repaired. JTidy parser is not needed.
Test
No test