Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper handling of namespaced elements and attributes during template compilation and sanitization. An attacker can execute arbitrary JavaScript in the user's browser by injecting specially crafted templat...