Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
XSS exists in Shave because output encoding is mishandled during the overwrite of an HTML element.
Advisories for Npm/Shave package
2019
XSS exists in Shave because output encoding is mishandled during the overwrite of an HTML element.