CVE-2018-16459

An unescaped payload in exceljs v1.6 allows a possible XSS via cell value when worksheet is displayed in browser...