All versions of
status-board are vulnerable to Cross-Site Scripting. The
renderJsDashboard() function concatenates the
No fix is currently available. Consider using an alternative package until a fix is made available.