Name of the Vulnerable Software and Affected Versions serve versions prior to 10.0.2

Description The issue arises from the package's failure to sanitize filenames, allowing attackers to execute arbitrary JavaScript in the victim's browser through files with names containing malicious code. This can lead to Cross-Site Scripting (XSS) attacks.

Recommendations Upgrade to version 10.0.2 or later.