Github Read Me Stats commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the function renderError.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23986
Reference (s):
- https://github.com/anuraghazra/github-readme-stats/pull/255