Thank you for taking your time to report a globalize.js secutiry vulnerability. Please, we kindly ask you to report it via https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability.