Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue.
{
"source": "CPE_STRING",
"extracted_events": [
{
"introduced": "1.11.0"
},
{
"last_affected": "1.11.0"
},
{
"introduced": "1.12.0"
},
{
"last_affected": "1.12.0"
},
{
"introduced": "1.13.0"
},
{
"last_affected": "1.13.0"
},
{
"introduced": "1.14.0"
},
{
"last_affected": "1.14.0"
},
{
"introduced": "1.14.1"
},
{
"last_affected": "1.14.1"
},
{
"introduced": "1.14.2"
},
{
"last_affected": "1.14.2"
},
{
"introduced": "1.15.0"
},
{
"last_affected": "1.15.0"
}
],
"cpe": [
"cpe:2.3:a:plotly:plotly.js:1.11.0:*:*:*:*:*:*:*",
"cpe:2.3:a:plotly:plotly.js:1.12.0:*:*:*:*:*:*:*",
"cpe:2.3:a:plotly:plotly.js:1.13.0:*:*:*:*:*:*:*",
"cpe:2.3:a:plotly:plotly.js:1.14.0:*:*:*:*:*:*:*",
"cpe:2.3:a:plotly:plotly.js:1.14.1:*:*:*:*:*:*:*",
"cpe:2.3:a:plotly:plotly.js:1.14.2:*:*:*:*:*:*:*",
"cpe:2.3:a:plotly:plotly.js:1.15.0:*:*:*:*:*:*:*"
]
}