Add details to unsafeHTML docs (#1353)

* Add details to unsafeHTML docs

* Update packages/lit-dev-content/site/docs/v3/templates/directives.md

Co-authored-by: Augustine Kim <augustinekim@google.com>

---------

Co-authored-by: Augustine Kim <augustinekim@google.com>

Author: justinfagnani

packages/lit-dev-content/site/docs/v3/templates/directives.md

@@ -1448,8 +1448,14 @@ parse such a string as HTML and render it in a Lit template.
 
 Note, the string passed to `unsafeHTML` must be developer-controlled and not
 include untrusted content. Examples of untrusted content include query string
-parameters and values from user inputs. Untrusted content rendered with this
-directive could lead to [cross-site scripting (XSS)](https://en.wikipedia.org/wiki/Cross-site_scripting) vulnerabilities.
+parameters and values from user inputs.
+
+Untrusted content rendered with this directive could lead to [cross-site
+scripting (XSS)](https://en.wikipedia.org/wiki/Cross-site_scripting), CSS
+injection, data exfiltration, etc. vulnerabilities. `unsafeHTML` uses
+`innerHTML` to parse the HTML string, so the security implications are the same
+ as `innerHTML`, [as documented on
+MDN](https://developer.mozilla.org/en-US/docs/Web/API/Element/innerHTML#security_considerations).
 
 </div>