An unescaped payload in exceljs <v1.6 allows a possible XSS via cell value when worksheet is displayed in browser.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-79,
Products Affected