CVE-2020-16254

Published August 5th, 2020

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

1

PROJECT

Description

The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets (CSS) Injection (without attribute).

ankane/chartkick

Create beautiful JavaScript charts with one line of Ruby

GitHub

6.53K