Description
The issue occurs because tagName user input is formatted inside the exec function is executed without any checks.
Remediation
References
https://snyk.io/vuln/SNYK-JS-MVERSION-573174
https://github.com/418sec/huntr/pull/102
https://github.com/mikaelbr/mversion/commit/b7a8b32600e60759a7ad3921ec4a2750bf173482