Zinc is vulnerable to cross-site scripting. The vulnerability exists because the delete template functionality in Template.vue
incorrectly escapes the name
attribute before being rendered, allowing an attacker to inject and execute a malicious JavaScript payload.