Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huntrArjunshibu1-NPM-APEXCHARTS
HistoryDec 18, 2020 - 12:00 a.m.

Cross-site Scripting (XSS) - Generic in apexcharts/apexcharts.js

2020-12-1800:00:00
arjunshibu
www.huntr.dev
34

0.001 Low

EPSS

Percentile

49.0%

JSON

Description

apexcharts is vulnerable to Cross-Site Scripting (XSS).

Proof of Concept

  1. Install the package by following this instruction https://apexcharts.com/docs/installation/ or try the live sandbox here https://codepen.io/apexcharts/pen/xYqyYm
  2. Edit JS and insert the XSS payload below in the name field
  3. Payload: 'sales<img src>'
  4. XSS payload will get executed.

Impact

An attacker is able to execute malicious scripts.

Related

prion 1
github 1
nodejs 1
osv 2
nvd 1
cve 1
cvelist 1
ibm 1
prion
prion
Cross site scripting
2021-02-09 08:15:00
github
github
XSS in apexcharts
2021-02-11 20:47:34
nodejs
nodejs
Cross-Site Scripting (XSS)
2021-02-24 03:03:58
osv
osv
CVE-2021-23327
2021-02-09 08:15:11
XSS in apexcharts
2021-02-11 20:47:34
nvd
nvd
CVE-2021-23327
2021-02-09 08:15:11
cve
cve
CVE-2021-23327
2021-02-09 08:15:11
cvelist
cvelist
CVE-2021-23327 Cross-site Scripting (XSS)
2021-02-09 00:00:00
ibm
ibm
Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by Vulnerabilities in Node.js
2021-04-16 14:32:44

0.001 Low

EPSS

Percentile

49.0%

JSON
Related for 1-NPM-APEXCHARTS
prion1github1nodejs1osv2nvd1cve1cvelist1ibm1