CVE-2021-23654
The CVE-2021-23654 issue affects all versions of the html-to-csv package. A vulnerability exists where a formula embedded in an HTML page is accepted without validation and is carried over when converting to CSV, enabling a malicious actor to embed or generate a malicious link or execute commands...