Description
The package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting (XSS) via lack of sanitization of graph legend fields.
Remediation
References
https://github.com/apexcharts/apexcharts.js/commit/68f3f34d125719b4767614fe0a595cc65bde1d19
https://github.com/apexcharts/apexcharts.js/pull/2158
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1070616
https://snyk.io/vuln/SNYK-JS-APEXCHARTS-1062708
Related Vulnerabilities
CVE-2020-6428 Vulnerability in npm package electron
CVE-2021-37695 Vulnerability in maven package org.webjars.bowergithub.ckeditor:ckeditor4
CVE-2021-22096 Vulnerability in maven package org.springframework:spring-core
CVE-2022-24278 Vulnerability in npm package convert-svg-core
CVE-2021-46365 Vulnerability in maven package info.magnolia:magnolia-core