Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The fileview package v0.1.6 has inadequate output encoding and escaping, which leads to a stored Cross-Site Scripting (XSS) vulnerability in files it serves.
Advisories for Npm/Fileview package
2020