PT-2026-5054 · Unknown · Billboard.Js

Jesper Den Boer

·

Publicado

2026-01-28

·

Atualizado

2026-02-24

·

CVE-2026-1513

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions billboard.js versions prior to 3.18.0
Description billboard.js versions before 3.18.0 are susceptible to malicious JavaScript execution. This occurs because of inadequate sanitization when binding chart options. The issue allows an attacker to inject and run malicious code within the application using billboard.js.
Recommendations Update billboard.js to version 3.18.0 or later.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2026-1513
GHSA-RPC5-PM7Q-HJMP
OPENSUSE-SU-2026:10241-1

Produtos afetados

Billboard.Js