npm›gettext.js›CVE-2024-433707.2 HIGHgettext.js has a Cross-site Scripting injectionPossible vulnerability to XSS injection if .po dictionary definition files is corrupted