VYPR
Medium severity6.1NVD Advisory· Published Jul 17, 2017· Updated Jun 17, 2026

CVE-2017-1000006

CVE-2017-1000006

Description

Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
plotly.jsnpm
< 1.16.01.16.0

Affected products

8
  • Plotly/Plotly.js7 versions
    cpe:2.3:a:plotly:plotly.js:1.11.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:plotly:plotly.js:1.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:plotly:plotly.js:1.12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:plotly:plotly.js:1.13.0:*:*:*:*:*:*:*
    • cpe:2.3:a:plotly:plotly.js:1.14.0:*:*:*:*:*:*:*
    • cpe:2.3:a:plotly:plotly.js:1.14.1:*:*:*:*:*:*:*
    • cpe:2.3:a:plotly:plotly.js:1.14.2:*:*:*:*:*:*:*
    • cpe:2.3:a:plotly:plotly.js:1.15.0:*:*:*:*:*:*:*
  • ghsa-coords
    Range: < 1.16.0

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.