cvedb.io
CVE-2023-26487
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2023-03-04T00:15:15.563 · Last modified 2026-06-17T05:43:26.700

Summary

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs.`lassoAppend' function accepts 3 arguments and internally invokes `push` function on the 1st argument specifying array consisting of 2nd and 3rd arguments as `push` call argument. The type of the 1st argument is supposed to be an array, but it's not enforced. This makes it possible to specify any object with a `push` function as the 1st argument, `push` function can be set to any function that can be access via `event.view` (no all such functions can be exploited due to invalid context or signature, but some can, e.g. `console.log`). The issue is that`lassoAppend` doesn't enforce proper types of its arguments. This issue opens various XSS vectors, but exact impact and s

Affected products

vega-functions_project — vega-functions

Does this affect you?

Add your gear to cvedb and we'll alert you only when vega-functions_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.