CVE-2021-23411

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the main functionality. It accepts input that can result in the output (an anchor a tag) containing undesirable Javascript code that can be executed upon user interaction. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt