Vladajankovic

**Name of the Vulnerable Software and Affected Versions** dom-iterator versions prior to 1.0.1 **Description** The issue is related to Arbitrary Code Execution due to the use of the Function constructor without complete input sanitization. This allows an attacker to generate a new function body, posing risks similar to those of allowing attacker-controlled input to reach eval. **Recommendations** For versions prior to 1.0.1, update to version 1.0.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Function constructor to minimize the risk of exploitation.