Vega vulnerable to Cross-site Scripting via RegExp.prototype[@@replace]