Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
1:0.0+git20210119.5f4716e+dfsg-41:0.0+git20210805.aaa1db6+dfsg-11:0.0+git20211209.491a49a+dfsg-11:0.10.0-11:0.17.0+dfsg-11:0.20.0+dfsg-11:0.21.0+dfsg-11:0.26.0+dfsg-21:0.27.0-10.0+git20150226.3d87fd6-30.0+git20151007.b846920+dfsg-11:0.0+git20150817.66f0418-11:0.0+git20160110.4fd4a9f-11:0.0+git20160110.4fd4a9f-1ubuntu0.1~esm11:0.0+git20170629.c81e7f2+dfsg-1ubuntu11:0.0+git20170629.c81e7f2+dfsg-1ubuntu21:0.0+git20170629.c81e7f2+dfsg-21:0.0+git20170629.c81e7f2+dfsg-2ubuntu0.1~esm11:0.0+git20190811.74dc4d7+dfsg-11:0.0+git20190811.74dc4d7+dfsg-1ubuntu0.1~esm1Exploitability
AV:NAC:LPR:NUI:RScope
S:CImpact
C:LI:LA:NCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N