EUVD-2021-0572

Malware in sbrugna...

Cross-site Scripting (XSS)

Overview apexcharts is a modern JavaScript charting library to build interactive charts and visualizations with simple API. Affected versions of this package are vulnerable to Cross-site Scripting XSS. This is the same vulnerability as CVE-2021-23327, which was reintroduced as a regression in...

@bdsm-tools/v-dom (=0.1.0), @byhuz/huz-ui-sigma (>=1.0.19 <=1.0.27) +27 more potentially affected by CVE-2021-23327 via apexcharts (>=3.10.1 <=3.26.3)

apexcharts NPM version =3.10.1, =1.0.19, =0.7.0, =7.20.0, =2.3.0, =1.0.3, =0.0.1, =0.0.1, =0.0.1, =1.1.0, =1.1.0-beta.0, =0.0.1, =0.0.7 - cx-web-core =1.0.18 and more Source cves: CVE-2021-23327 Source advisory: SNYK:JS-APEXCHARTS-1300579...

Cross-site Scripting (XSS) - DOM in apexcharts/apexcharts.js

✍️ Description Last version of Apexcharts.js is vulnerable to Cross-Site Scripting XSS 🕵️‍♂️ Proof of Concept Simply try one of the examples provided in samples/vanilla-js/scatter/scatter-images.html in this way: javascript var options = series: name: 'Messenger', data: 16.4, 5.4, ..... , name:...

Cross-Site Scripting (XSS)

Overview apexcharts is a modern JavaScript charting library to build interactive charts and visualizations with simple API. Affected versions of this package are vulnerable to Cross-site Scripting XSS via lack of sanitization of graph legend fields. Recommendation Upgrade to version 3.24.0 or...

@byhuz/huz-ui-sigma (>=1.0.19 <=1.0.27), @deliverybot/client (>=0.7.0 <=0.7.2) +31 more potentially affected by CVE-2021-23327 via apexcharts (>=1.5.6 <=3.23.1)

apexcharts NPM version =1.5.6, =1.0.19, =0.7.0, =7.20.0, =2.3.0, =1.0.3, =0.0.1, =0.0.1, =0.0.1, =1.0.34, =1.1.0, =1.1.0-beta.0, =0.0.1, =0.0.7 - cx-web-core =1.0.18 and more Source cves: CVE-2021-23327 Source advisory: OSV:GHSA-W46J-8HM6-H8MM...

XSS in apexcharts

The package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting XSS via lack of sanitization of graph legend fields...

GHSA-W46J-8HM6-H8MM XSS in apexcharts

The package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting XSS via lack of sanitization of graph legend fields...

CVE-2021-23327

The package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting XSS via lack of sanitization of graph legend fields...

CVE-2021-23327

The package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting XSS via lack of sanitization of graph legend fields...

Cross site scripting

The package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting XSS via lack of sanitization of graph legend fields...

CVE-2021-23327

CVE-2021-23327 affects the ApexCharts library. The vulnerability is an XSS due to lack of sanitization in graph legend fields in versions before 3.24.0. Public references (Snyk/IBM OSV) confirm the issue and advise upgrading to apexcharts 3.27.0 or higher as the remediation. Affected products are...

Junedchhipa ApexCharts Cross-Site Scripting Vulnerability

Junedchhipa ApexCharts is an application for individual developers in Junedchhipa, India. It provides the functionality of open source charts. A cross-site scripting vulnerability exists in Apexcharts, which stems from a lack of proper validation of client-side data in the WEB application. An...

@byhuz/huz-ui-sigma (>=1.0.19 <=1.0.27), @deliverybot/client (>=0.7.0 <=0.7.2) +24 more potentially affected by CVE-2021-23327 via apexcharts (>=3.10.1 <=3.23.1)

apexcharts NPM version =3.10.1, =1.0.19, =0.7.0, =7.20.0, =2.3.0, =1.0.3, =0.0.1, =0.0.1, =0.0.1, =1.1.0, =1.1.0-beta.0, =0.0.1, =0.0.1, =0.0.30 and more Source cves: CVE-2021-23327 Source advisory: SNYK:JS-APEXCHARTS-1062708...

Cross-site Scripting (XSS)

Overview apexcharts is a modern JavaScript charting library to build interactive charts and visualizations with simple API. Affected versions of this package are vulnerable to Cross-site Scripting XSS via lack of sanitization of graph legend fields. Details Cross-site scripting or XSS is a code...

Cross-site Scripting (XSS) - Generic in apexcharts/apexcharts.js

Description apexcharts is vulnerable to Cross-Site Scripting XSS. Proof of Concept 1. Install the package by following this instruction https://apexcharts.com/docs/installation/ or try the live sandbox here https://codepen.io/apexcharts/pen/xYqyYm 2. Edit JS and insert the XSS payload below in th...