2017/10/GHSA-xxr8-833v-c7wc Cross-site Scripting vulnerability in i18n translations helper method