npm›iobroker.web›CVE-2019-107716.1 MEDIUMCross-site ScriptingCharacters in the GET url path are not properly escaped and can be reflected in the server response.