Cross-site Scripting (XSS)

epubjs is vulnerable to cross-site scripting. The library does not properly sanitize the ePub content due to the insecure use of the allowScriptedContent option, which allows sandbox content to run malicious scripts...