Name of the Vulnerable Software and Affected Versions eco versions (all)

Description The issue concerns Cross-Site Scripting (XSS) due to the package's default escape implementation failing to properly escape single quotes. This failure may allow attackers to execute arbitrary JavaScript on the victim's browser.

Recommendations Consider using an alternative package until a fix is made available.