BradG

Checkmarx reports potential XSS issues

Recommended Posts

We use Checkmarx Static Code Analysis to identify code vulnerabilities.  In fusioncharts.js 3.12.2, Checkmarx reports 3 potential XSS issues when setting innerHTML to a text property:

line 310 (first occurrence): FusionXSS1.PNG.46068b27970934769aab275c5daec011.PNG

line 310 (second occurrence): FusionXSS2.PNG.d51c19b2a68ecae4228dea1a77754f99.PNG

line 316: FusionXSS3.PNG.a7611efea4cc925c7c10208c23b5f78c.PNG

Can you either fix these vulnerabilities or assure us that they cannot be used to enable a cross site scripting attack?

Edited by BradG

Share this post


Link to post
Share on other sites

HI,

Hope you are keeping well! Thank you for your continued patience.

 

For the issue reported, could you please upgrade your current version to the latest, i.e, FusionCharts Suite XT v3.15.1?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now