Plotly: >> Plotly.js Security Vulnerabilities
In Plotly plotly.js before 2.25.2, plot API calls have a risk of __proto__ being polluted in expandObjectPaths or nestedProperty.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-01-03
Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue.
CVSS Score
6.1
EPSS Score
0.006
Published
2017-07-17