Moderately Critical Lottiefiles Field Security Update
The Lottiefiles Field module enables you to integrate the lottiefiles features into your page.
The module does not sufficiently filter user-provided text on output, resulting in a Cross-Site Scripting (XSS) vulnerability.
This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create or edit content that has lottiefiles fields.
Solution:
Install the latest version:
If you use the lottifiles_field module for Drupal 8.x or 9.x, upgrade to Lottiefiles Field 1.0.3.
Source: