Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the handling of SVG element attributes href and xlink:href when user-controlled data is bound to these attributes. An attacker can execute arbitrary JavaScript code in the victim's browser by supplying a...