Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2026/05/26 8:14 p.m.12 views

CVE-2026-45249

A cross-site scripting XSS vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0, if both Lines series and tooltip are used, and no user-specified tooltip.formatter is provided, and...

6.1CVSS5.7AI score0.00759EPSS
Exploits0References1
snyk
snyk
added 2026/05/25 10:59 a.m.41 views

Cross-site Scripting (XSS)

Overview echarts is an Apache ECharts is a powerful, interactive charting and data visualization library for browser Affected versions of this package are vulnerable to Cross-site Scripting XSS in the tooltip rendering when both Lines series and tooltip are used without a user-specified...

6.1CVSS5.8AI score0.00759EPSS
Exploits0References2
snyk
snyk
added 2026/05/25 10:59 a.m.11 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:echarts is an Apache ECharts is a powerful, interactive charting and data visualization library for browser Affected versions of this package are vulnerable to Cross-site Scripting XSS in the tooltip rendering when both Lines series and tooltip are used without a...

6.1CVSS5.9AI score0.00759EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/25 7:38 a.m.39 views

CVE-2026-45249 Apache ECharts: XSS in Lines series tooltip rendering

A cross-site scripting XSS vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0, if both Lines series and tooltip are used, and no user-specified tooltip.formatter is provided, and...

0.00759EPSS
Exploits0References4
cve
cve
added 2026/05/25 7:38 a.m.69 views

CVE-2026-45249

Apache ECharts contains an XSS risk in the Lines series tooltip rendering for versions before 6.1.0. If Lines and tooltip are used without a user-specified tooltip.formatter and series.data[i].name is set, a raw HTML string can be inserted into the tooltip via innerHTML, bypassing normal escaping...

6.1CVSS5.8AI score0.00759EPSS
Exploits0References5Affected Software1
vulnrichment
vulnrichment
added 2026/05/25 7:38 a.m.10 views

CVE-2026-45249 Apache ECharts: XSS in Lines series tooltip rendering

A cross-site scripting XSS vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0, if both Lines series and tooltip are used, and no user-specified tooltip.formatter is provided, and...

5.8AI score0.00759EPSS
Exploits0References4
osv
osv
added 2026/05/25 7:38 a.m.2 views

CVE-2026-45249 Apache ECharts: XSS in Lines series tooltip rendering

A cross-site scripting XSS vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0, if both Lines series and tooltip are used, and no user-specified tooltip.formatter is provided, and...

6.1CVSS6AI score0.00759EPSS
Exploits0References8
Rows per page
Query Builder