The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user's cookie/session tokens , redirecting the user to a malicious webpage and performing unintended browser action.
The vulnerability will be patched in version 2.0.
Update to Version 2.0
https://owasp.org/www-project-top-ten/2017/A7_2017-Cross-Site_Scripting_(XSS)
Impact
The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user's cookie/session tokens , redirecting the user to a malicious webpage and performing unintended browser action.
Patches
The vulnerability will be patched in version 2.0.
Workarounds
Update to Version 2.0
References
https://owasp.org/www-project-top-ten/2017/A7_2017-Cross-Site_Scripting_(XSS)