Current security filter erases everything between a "prohibited character" and the next whitespace.
These characters however also include key symbols used in CSS, such as '>' (used to designate "direct descendant") or single and double quotes (used in expressions such as DIV[href~="character"]).
On top of that, "body" is another prohibited string - which causes many issues with styling; a number of HTML elements in the template use "body" in their CSS classnames, such as "panel-body" and "card-body". It becomes impossible to style these.
This update would allow to properly customize existing themes with advanced CSS selectors. It would also make it possible to even address certain elements by their proper classname, since a number of elements are literally named "[something]-body" .. and we are not allowed to use "body" in CSS.