VYPR

npm package

repostat

pkg:npm/repostat

Vulnerabilities (1)

  • CVE-2026-27612Feb 25, 2026
    affected < 1.0.1fixed 1.0.1

    Repostat is a React component to fetch and display GitHub repository info. Prior to version 1.0.1, the `RepoCard` component is vulnerable to Reflected Cross-Site Scripting (XSS). The vulnerability occurs because the component uses React's `dangerouslySetInnerHTML` to render the r