VYPR

npm package

jsondiffpatch

pkg:npm/jsondiffpatch

Vulnerabilities (1)

  • CVE-2025-9910MedSep 11, 2025
    affected < 0.7.2fixed 0.7.2

    Versions of the package jsondiffpatch before 0.7.2 are vulnerable to Cross-site Scripting (XSS) via HtmlFormatter::nodeBegin. An attacker can inject malicious scripts into HTML payloads that may lead to code execution if untrusted payloads were used as source for the diff, and th