Nebrelbug

**Name of the Vulnerable Software and Affected Versions** Eta versions prior to 2.0.0 **Description** The issue is related to a XSS attack that impacts anyone using the Express API. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include passing user-supplied data directly to the `res.render` function. **Recommendations** For versions prior to 2.0.0, upgrade to version 2.0.0 to resolve the issue. As a temporary workaround, do not pass user-supplied things directly to `res.render` or `res.renderFile`.