RSS   Vulnerabilities for 'Chartkick'   RSS

2020-08-05
 
CVE-2020-16254

CWE-74
 

 
The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets (CSS) Injection (without attribute).

 
2019-06-06
 
CVE-2019-12732

CWE-79
 

 
The Chartkick gem through 3.1.0 for Ruby allows XSS.

 


Copyright 2024, cxsecurity.com

 

Back to Top