GHSA-MM8J-9X84-M9CV Arbitrary code injection in json-sanitizer
OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents...