VYPR

npm package

orejime

pkg:npm/orejime

Vulnerabilities (1)

  • CVE-2025-68457Dec 19, 2025
    affected < 2.3.2fixed 2.3.2

    Orejime is a consent manager that focuses on accessibility. On HTML elements handled by Orejime prior to version 2.3.2, one could run malicious code by embedding `javascript:` code within data attributes. When consenting to the related purpose, Orejime would turn data attributes