[MEDIUM] Badaso vulnerable to cross-site scripting

PKSA-23xx-zp1p-2nxq CVE-2023-38970 GHSA-7422-7rq6-j4qv

Affected package: uasoft-indonesia/badaso

Affected version: <=2.9.7

Reported by:
GitHub