pypi›invenio-records›CVE-2019-10200035.4 MEDIUMImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')invenio-records allows XSS.