CVE-2026-1513

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions billboard.js versions prior to 3.18.0

Description billboard.js versions before 3.18.0 are susceptible to malicious JavaScript execution. This occurs because of inadequate sanitization when binding chart options. The issue allows an attacker to inject and run malicious code within the application using billboard.js.

Recommendations Update billboard.js to version 3.18.0 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2026-1513

GHSA-RPC5-PM7Q-HJMP

OPENSUSE-SU-2026:10241-1

Affected Products

Billboard.Js

CVE-2026-1513

Weakness Enumeration

Related Identifiers

Affected Products

References · 14