CVE-2019-12732

The Chartkick gem through 3.1.0 for Ruby allows XSS.
Source: NIST
CVE-2019-12732