@shopify/koa-shopift-auth is vulnerable to cross-site scripting (XSS). The vulnerability exists as it did not sanitize the values of shop
in auth/client/request-storage-access.ts
, auth/client/top-level-interaction.ts
, create-enable-cookies.ts
, create-request-storage-access.ts
.