VYPR

npm package

@developer.notchatbot/webchat

pkg:npm/%40developer.notchatbot/webchat

Vulnerabilities (1)

  • CVE-2026-30048MedMar 18, 2026
    affected <= 1.5.0

    A stored cross-site scripting (XSS) vulnerability exists in the NotChatbot WebChat widget thru 1.4.4. User-supplied input is not properly sanitized before being stored and rendered in the chat conversation history. This allows an attacker to inject arbitrary JavaScript code which