Lucene search
+L

8 matches found

redhatcve
redhatcve
added 2026/05/26 8:14 p.m.12 views

CVE-2026-45249

A cross-site scripting XSS vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0, if both Lines series and tooltip are used, and no user-specified tooltip.formatter is provided, and...

6.1CVSS5.7AI score0.00759EPSS
Exploits0References1
osv
osv
added 2026/05/26 1:30 p.m.2 views

GHSA-FGMJ-FM8M-JVVX Apache ECharts has a cross-site scripting (XSS) vulnerability

A cross-site scripting XSS vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0, if both Lines series and tooltip are used, and no user-specified tooltip.formatter is provided, and...

6.1CVSS5.7AI score0.00759EPSS
Exploits0References8
snyk
snyk
added 2026/05/25 10:59 a.m.11 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:echarts is an Apache ECharts is a powerful, interactive charting and data visualization library for browser Affected versions of this package are vulnerable to Cross-site Scripting XSS in the tooltip rendering when both Lines series and tooltip are used without a...

6.1CVSS5.9AI score0.00759EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/25 7:38 a.m.39 views

CVE-2026-45249 Apache ECharts: XSS in Lines series tooltip rendering

A cross-site scripting XSS vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0, if both Lines series and tooltip are used, and no user-specified tooltip.formatter is provided, and...

0.00759EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/05/25 7:38 a.m.11 views

CVE-2026-45249

A cross-site scripting XSS vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0, if both Lines series and tooltip are used, and no user-specified tooltip.formatter is provided, and...

5.8AI score0.00759EPSS
Exploits0References5
euvd
euvd
added 2026/05/25 7:38 a.m.14 views

EUVD-2026-31650

A cross-site scripting XSS vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0, if both Lines series and tooltip are used, and no user-specified tooltip.formatter is provided, and...

5.8AI score0.00759EPSS
Exploits0References4
cve
cve
added 2026/05/25 7:38 a.m.69 views

CVE-2026-45249

Apache ECharts contains an XSS risk in the Lines series tooltip rendering for versions before 6.1.0. If Lines and tooltip are used without a user-specified tooltip.formatter and series.data[i].name is set, a raw HTML string can be inserted into the tooltip via innerHTML, bypassing normal escaping...

6.1CVSS5.8AI score0.00759EPSS
Exploits0References5Affected Software1
ptsecurity
ptsecurity
added 2026/05/23 12:0 a.m.17 views

PT-2026-42882

Name of the Vulnerable Software and Affected Versions Apache ECharts versions prior to 6.1.0 Description A cross-site scripting XSS issue exists in the Lines series tooltip rendering logic. When the Lines series and tooltip are used without a user-specified tooltip.formatter, and series.datai.nam...

6.1CVSS5.8AI score0.00759EPSS
Exploits0References11
Rows per page
Query Builder