Home > Vulnerability Database > WS-2016-0050

Mend Vulnerability Database

WS-2016-0050

Good to know:

Date: November 4, 2015

"PivotTable.js is a Javascript Pivot Table library with drag'n'drop functionality built on top of jQuery/jQueryUI.Due to a change from text to html functions in how JSON elements are rendered, a cross site scripting (XSS) vulnerability was introduced in version 1.4.0. This vulnerability remained in place until version 2.0.0."

Language: JS

Severity Score

6.1

Related Resources (2)

Url: https://github.com/nicolaskruchten/pivottable/pull/401

Url: https://www.mend.io/vulnerability-database/WS-2016-0050

Severity Score

6.1

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

Top Fix

Upgrade Version

CVSS v3.1

Base Score:	6.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend Vulnerability Database

We found results for “”

WS-2016-0050

Good to know:

Date: November 4, 2015

Language: JS

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?