vega

Vega has Cross-site Scripting vulnerability in `lassoAppend` function

Vega vulnerable to Cross-site Scripting via RegExp.prototype[@@replace]

XSS in Vega

Vega Expression Language `scale` expression function Cross Site Scripting

Vega XSS via expression abusing vlSelectionTuples function array map calls in environments with satisfactory function gadgets in the global scope

`vega-functions` vulnerable to Cross-site Scripting via `setdata` function

Malicious code in vega-embed-v6 (npm)

Malicious code in vega-embed-v5 (npm)

Improperly Controlled Modification of Dynamically-Determined Object Attributes in vega-util

Malicious code in symphony-vega (npm)