index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL.Referenceshttps://github.com/jaredhanson/oauth2orize-fprm/blob/master/SECURITY-NOTICE.mdhttps://github.com/jaredhanson/oauth2orize-fprm/commit/2bf9faee787eb004abbdfb6f4cc2fb06653defd5
