0xble (>=14.0.0 <=21.9.1), 100xchat (>=1.1.5 <=1.3.5) +4268 more potentially affected by CVE-2025-9910 via jsondiffpatch (>=0.0.11 <=0.6.2)

jsondiffpatch NPM version =0.0.11, =14.0.0, =1.1.5, =1.0.0, =1.0.0, =1.0.4, =0.10.6, =0.1.6, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.65, =1.0.1, =0.1.0-alpha.1, =0.1.0, =0.3.1, =0.5.10, =1.2.4 and more Source cves: CVE-2025-9910 Source advisory: SNYK:JS-JSONDIFFPATCH-1036903...

Cross-site Scripting (XSS)

Overview jsondiffpatch is a JSON diff & patch object and array diff, text diff, multiple output formats Affected versions of this package are vulnerable to Cross-site Scripting XSS via HtmlFormatter::nodeBegin. An attacker can inject malicious scripts into HTML payloads that may lead to code...

Cross-site Scripting (XSS)

Overview org.webjars.npm:jsondiffpatch is a JSON diff & patch object and array diff, text diff, multiple output formats Affected versions of this package are vulnerable to Cross-site Scripting XSS via HtmlFormatter::nodeBegin. An attacker can inject malicious scripts into HTML payloads that may...