18 matches found
CVE-2025-11820 Graphina – Elementor Charts and Graphs <= 3.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Widgets
The Graphina – Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widgets in all versions up to, and including, 3.1.8 due to insufficient input sanitization and output escaping on data attributes. This makes it possible for authenticat...
EUVD-2020-5683
Malware in sbrugna...
EUVD-2021-28336
Malicious code in bioql PyPI...
CVE-2020-13429
legend.ts in the piechart-panel aka Pie Chart Panel plugin before 1.5.0 for Grafana allows XSS via the Values Header aka legend header option...
Malicious code in sfdc-pie-chart (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a82b998b6eb2e809bb6ba8331f5cf02953ad325da7ae99dca4a01d50a8d66ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2021-41307
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References IDOR vulnerability in the Workload Pie Chart Gadget. The affected versions are before version 8.13.1...
Spoofing
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References IDOR vulnerability in the Workload Pie Chart Gadget. The affected versions are before version 8.13.1...
Atlassian Jira 权限许可和访问控制问题漏洞
Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage various types of issues and defects in the workplace. A privilege permission and access control issue vulnerability exists in Atlassian Jira Server and Data Center, which stems...
PT-2021-23261 · Atlassian · Jira
Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.13.12 Atlassian Jira Server and Data Center versions 8.14.0 through 8.19.x Description: The issue allows unauthenticated remote attackers to view the names of private projects and...
Anonymous user can view names of private projects and filters via IDOR in Workload Pie Chart Gadget - CVE-2021-41307
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References IDOR vulnerability in the Workload Pie Chart Gadget. The affected versions are before version 8.13.1...
Cross-site Scripting (XSS) - Generic in alibaba/bizcharts
Description bizcharts is vulnerable to Cross-Site Scripting XSS. Steps To Reproduce-: 1. Open NPM repo https://www.npmjs.com/package/bizcharts 2. Open the demo https://bizcharts.net/product/BizCharts4/gallery 3. Select any chartI used pie chart Ex: https://bizcharts.net/product/BizCharts4/demo/37...
CVE-2020-13429
legend.ts in the piechart-panel aka Pie Chart Panel plugin before 1.5.0 for Grafana allows XSS via the Values Header aka legend header option...
CVE-2020-13429
legend.ts in the piechart-panel aka Pie Chart Panel plugin before 1.5.0 for Grafana allows XSS via the Values Header aka legend header option...
CVE-2020-13429
The CVE-2020-13429 issue concerns the grafana-piechart-panel (Pie Chart Panel) plugin. Affected component: legend.ts in the piechart-panel plugin before version 1.5.0. Root cause: XSS via the Values Header (legend header) option. Impact: allows cross‑site scripting in Grafana deployments using vu...
Design/Logic Flaw
The Pie Chart Panel plugin through 2019-01-02 for Grafana is vulnerable to XSS via legend data or tooltip data. When a chart is included in a Grafana dashboard, this vulnerability could allow an attacker to gain remote unauthenticated access to the dashboard...
CVE-2015-9282
The Pie Chart Panel plugin through 2019-01-02 for Grafana is vulnerable to XSS via legend data or tooltip data. When a chart is included in a Grafana dashboard, this vulnerability could allow an attacker to gain remote unauthenticated access to the dashboard...
CVE-2015-9282
The CVE-2015-9282 entry concerns the Grafana Pie Chart Panel plugin (up to 2019-01-02). The vulnerability is an XSS flaw in legend or tooltip data, enabling an attacker to influence a Grafana dashboard when the chart is embedded. The underlying cause is untrusted data being rendered in chart UI c...
CVE-2015-9282
The Pie Chart Panel plugin through 2019-01-02 for Grafana is vulnerable to XSS via legend data or tooltip data. When a chart is included in a Grafana dashboard, this vulnerability could allow an attacker to gain remote unauthenticated access to the dashboard...