Description

Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue.

Remediation

References

http://help.plot.ly/security-advisories/2016-08-08-plotlyjs-xss-advisory/

Related Vulnerabilities

CVE-2021-26074 Vulnerability in maven package com.atlassian.connect:atlassian-connect-spring-boot-starter

CVE-2021-32730 Vulnerability in maven package org.xwiki.platform:xwiki-platform-administration-ui

CVE-2020-7013 Vulnerability in npm package kibana

CVE-2023-25158 Vulnerability in maven package org.geotools:gt-main

CVE-2012-2379 Vulnerability in maven package org.apache.cxf:cxf-bundle

Severity

High

Classification

CWE-79 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Vendor Advisory