Medium severity6.3OSV Advisory· Published Feb 9, 2021· Updated Jun 17, 2026
CVE-2021-23327
CVE-2021-23327
Description
The package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting (XSS) via lack of sanitization of graph legend fields.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
apexchartsnpm | < 3.24.0 | 3.24.0 |
Affected products
2- Range: 3.0.0, 3.10.0, 3.21.0, …
Patches
Vulnerability mechanics
References
7- github.com/apexcharts/apexcharts.js/commit/68f3f34d125719b4767614fe0a595cc65bde1d19nvdPatchThird Party AdvisoryWEB
- github.com/apexcharts/apexcharts.js/pull/2158nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-w46j-8hm6-h8mmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-23327ghsaADVISORY
- snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1070616nvdThird Party AdvisoryWEB
- snyk.io/vuln/SNYK-JS-APEXCHARTS-1062708nvdThird Party AdvisoryWEB
- www.npmjs.com/package/apexchartsghsaWEB
News mentions
0No linked articles in our index yet.