30
Affected versions of the package are vulnerable to Cross-site Scripting (XSS), it is possible to assign a script (e.g., javascript:alert('XXX')) to the survey.navigateToUrl property.
You're affected if you are using a version which is within vulnerability ranges.
Upgrade survey-angular-ui library to patch version.