4 matches found
@bdsm-tools/v-dom (=0.1.0), @byhuz/huz-ui-sigma (>=1.0.19 <=1.0.27) +27 more potentially affected by CVE-2021-23327 via apexcharts (>=3.10.1 <=3.26.3)
apexcharts NPM version =3.10.1, =1.0.19, =0.7.0, =7.20.0, =2.3.0, =1.0.3, =0.0.1, =0.0.1, =0.0.1, =1.1.0, =1.1.0-beta.0, =0.0.1, =0.0.7 - cx-web-core =1.0.18 and more Source cves: CVE-2021-23327 Source advisory: SNYK:JS-APEXCHARTS-1300579...
@byhuz/huz-ui-sigma (>=1.0.19 <=1.0.27), @deliverybot/client (>=0.7.0 <=0.7.2) +31 more potentially affected by CVE-2021-23327 via apexcharts (>=1.5.6 <=3.23.1)
apexcharts NPM version =1.5.6, =1.0.19, =0.7.0, =7.20.0, =2.3.0, =1.0.3, =0.0.1, =0.0.1, =0.0.1, =1.0.34, =1.1.0, =1.1.0-beta.0, =0.0.1, =0.0.7 - cx-web-core =1.0.18 and more Source cves: CVE-2021-23327 Source advisory: OSV:GHSA-W46J-8HM6-H8MM...
CVE-2021-23327
CVE-2021-23327 affects the ApexCharts library. The vulnerability is an XSS due to lack of sanitization in graph legend fields in versions before 3.24.0. Public references (Snyk/IBM OSV) confirm the issue and advise upgrading to apexcharts 3.27.0 or higher as the remediation. Affected products are...
CVE-2021-23327 Cross-site Scripting (XSS)
The package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting XSS via lack of sanitization of graph legend fields...