roundup@2.4.0b1 vulnerabilities

A simple-to-use and -install issue-tracking system with command-line, web and e-mail interfaces. Highly customisable.

Known vulnerabilities in the roundup package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS) roundup is a simple-to-use and -install issue-tracking system with command-line, web and e-mail interfaces. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the `classhelpers` (_generic.help.html), due to improper sanitization. How to fix Cross-site Scripting (XSS)? Upgrade `roundup` to version 2.4.0 or higher.	[,2.4.0)
M Cross-site Scripting (XSS) roundup is a simple-to-use and -install issue-tracking system with command-line, web and e-mail interfaces. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via JavaScript in PDF, XML, and SVG documents. An attacker can inject malicious scripts that may be executed in the context of the user's session by embedding them into the affected document types. How to fix Cross-site Scripting (XSS)? Upgrade `roundup` to version 2.4.0 or higher.	[,2.4.0)
M Cross-site Scripting (XSS) roundup is a simple-to-use and -install issue-tracking system with command-line, web and e-mail interfaces. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the HTTP `Referer` header. An attacker can inject malicious scripts that are executed in the context of the user's browser session. How to fix Cross-site Scripting (XSS)? Upgrade `roundup` to version 2.4.0 or higher.	[,2.4.0)