diff --git a/core/.eslintrc.jquery.json b/core/.eslintrc.jquery.json
index e0317d173eafeb19abffffd737ef496ca31e658f..905c8040ca7824672ab5e0302b2a2ed22cfcb766 100644
--- a/core/.eslintrc.jquery.json
+++ b/core/.eslintrc.jquery.json
@@ -35,7 +35,7 @@
     "jquery/no-param": 2,
     "jquery/no-parent": 0,
     "jquery/no-parents": 0,
-    "jquery/no-parse-html": 0,
+    "jquery/no-parse-html": 2,
     "jquery/no-prop": 0,
     "jquery/no-proxy": 2,
     "jquery/no-ready": 2,
diff --git a/core/misc/ajax.js b/core/misc/ajax.js
index ebfe0928a2ddb1b94dbe01d53b1b32b361626d86..5acc2ef6a2337469920f3c1e4a4f0b068defb6dc 100644
--- a/core/misc/ajax.js
+++ b/core/misc/ajax.js
@@ -1333,7 +1333,20 @@
       const settings = response.settings || ajax.settings || drupalSettings;
 
       // Parse response.data into an element collection.
-      let $newContent = $($.parseHTML(response.data, document, true));
+      const parseHTML = (htmlString) => {
+        const fragment = document.createDocumentFragment();
+        // Create a temporary div element
+        const tempDiv = fragment.appendChild(document.createElement('div'));
+
+        // Set the innerHTML of the div to the provided HTML string
+        tempDiv.innerHTML = htmlString;
+
+        // Return the contents of the temporary div
+        return tempDiv.childNodes;
+      };
+
+      let $newContent = $(parseHTML(response.data));
+
       // For backward compatibility, in some cases a wrapper will be added. This
       // behavior will be removed before Drupal 9.0.0. If different behavior is
       // needed, the theme functions can be overridden.