[metascraper] metascraper before v5.2.0 vulnerable to stored cross-site scripting

Versions of metascraper prior to 5.2.0 are vulnerable to stored cross-site scripting (XSS).

Recommendation

Upgrade to version 5.2.0 or later.

References

• https://nvd.nist.gov/vuln/detail/CVE-2018-3773
• https://hackerone.com/reports/309367
• https://www.npmjs.com/advisories/603
• https://github.com/microlinkhq/metascraper/pull/169
• https://github.com/advisories/GHSA-8f64-q7jc-ccgp