60
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the tooltip of charts.
You're affected if you are using a vulnerable version of the package, and pass user input to the chart's tooltip (directly or indirectly, such as via a different component).
Upgrade echarts to a patch version.