chore: update dompurify to 3.4.11

[r0b1n]

Summary

• Updated dompurify from 3.4.8 to 3.4.11 in html-element-web to address security vulnerabilities

[github-actions]

AI Code Review

✅ Approved — no issues found

---

What was reviewed

File	Change
packages/pluggableWidgets/html-element-web/package.json	Bumped dompurify dependency from ^3.4.8 to ^3.4.11
packages/pluggableWidgets/html-element-web/CHANGELOG.md	Added [Unreleased] ### Security entry describing the dompurify update

Skipped (out of scope): pnpm-lock.yaml

---

Positives

• Correct use of the ### Security CHANGELOG category — matches the nature of the change and follows Keep a Changelog conventions.
• The CHANGELOG entry is under [Unreleased] as required by repo conventions (version bumps are a separate PR).
• Dependency range is tightened from ^3.4.8 to ^3.4.11, ensuring consumers pull at least the patched version.
• Lockfile resolves to the exact new version (3.4.11) rather than a previously resolved older patch, confirming the constraint is effective.