Description
The package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting (XSS) via lack of sanitization of graph legend fields.
Remediation
References
https://github.com/apexcharts/apexcharts.js/commit/68f3f34d125719b4767614fe0a595cc65bde1d19
https://github.com/apexcharts/apexcharts.js/pull/2158
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1070616
https://snyk.io/vuln/SNYK-JS-APEXCHARTS-1062708
Related Vulnerabilities
CVE-2023-46233 Vulnerability in maven package org.webjars.bower:crypto-js
CVE-2021-25943 Vulnerability in npm package 101
CVE-2022-1295 Vulnerability in maven package org.webjars.bowergithub.alvarotrigo:fullpage.js
CVE-2022-39387 Vulnerability in maven package org.xwiki.contrib.oidc:oidc-authenticator
CVE-2020-13947 Vulnerability in maven package org.apache.activemq:activemq-web-console