What is the primary security risk of using eval() in JavaScript?
Using eval() is a major security risk because it can execute arbitrary JavaScript code from strings. This opens up possibilities for code injection attacks where malicious code could be injected and executed in your application's context. Attackers could potentially run harmful code, access sensitive data, or manipulate the DOM if they can control strings being passed to eval(). Always avoid eval() and use safer alternatives like JSON.parse() for JSON data or direct property access.