CVE-2020-16254
The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets (CSS) Injection (without attribute).
6.1CVSS
6.6AI Score
0.001EPSS