VYPR

Telejson

by Storybook

npm: telejson

Source repositories

CVEs (1)

  • CVE-2026-47099MedMay 20, 2026
    risk 0.40cvss 6.1epss 0.00

    TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse() function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious _constructor-name_ property value. The custom reviver passes…