DevOps & Platform Eng
TeleJSON's DOM XSS Flaw: The PostMessage Trap Snaring Storybook Devs
Imagine a malicious addon slipping arbitrary JavaScript into your dev tools via a simple JSON payload. That's the TeleJSON vuln hitting Storybook setups hard — and it's easier to exploit than you think.