Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:29 p.m.10 views

CVE-2021-29489

Highcharts JS is a JavaScript charting library based on SVG. In Highcharts versions 8 and earlier, the chart options structure was not systematically filtered for XSS vectors. The potential impact was that content from untrusted sources could execute code in the end user's browser. The...

7.6CVSS6.1AI score0.00867EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/05 10:43 p.m.166 views

Security Bulletin: Multiple vulnerabilities in Jquery-Ui, highcharts, and datatables are affecting QRadar User Behavior Analytics (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184, CVE-2021-23445, CVE-2021-29489)

Summary There are vulnerabilities in third party packages JQuery-UI, Highcharts, datatables.net affecting User Behavior AnayticsUBA. UBA has been updated to the latest versions of these packages to address these vulnerabilities. Vulnerability Details CVEID:CVE-2021-41182 DESCRIPTION: jQuery...

7.6CVSS6.5AI score0.44515EPSS
Exploits5Affected Software1
Node.js
Node.js
added 2021/05/06 3:47 p.m.55 views

Cross-Site Scripting

Overview Impact In highcharts versions 8 and earlier, the chart options structure was not systematically filtered for XSS vectors. The potential impact was that content from untrusted sources could execute code in the end user's browser. Especially when using the useHTML flag, HTML string options...

3.5CVSS6.3AI score0.00867EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2021/05/05 3:30 p.m.46 views

CVE-2021-29489 Options structure open to XSS if passed unfiltered

Highcharts JS is a JavaScript charting library based on SVG. In Highcharts versions 8 and earlier, the chart options structure was not systematically filtered for XSS vectors. The potential impact was that content from untrusted sources could execute code in the end user's browser. The...

7.6CVSS7.4AI score0.00867EPSS
Exploits0References2
CVE
CVE
added 2021/05/05 3:30 p.m.382 views

CVE-2021-29489

Highcharts JS (charting library) versions 8 and earlier are vulnerable to cross-site scripting due to inadequate filtering of the chart options structure for XSS vectors. The vulnerability can allow execution of untrusted script in the end user’s browser if the configuration contains malicious in...

7.6CVSS5.5AI score0.00867EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder