GHSA-FWX5-5FQJ-JV98 Cross-Site Scripting in morris.js
Affected versions of morris.js are vulnerable to cross-site scripting attacks in labels that appear when hovering over a particular point on a generated graph. The text content of these labels is not escaped, so if control over the labels is obtained, script can be injected. The script will run o...