Highcharts is primarily a client-side JavaScript library, so the core is not prone to web server security issues.

Extending the basic JavaScript library, Highcharts in some cases also may refer to files on other web servers, or send chart configuration across the web. Such instances, and how to deal with them, are covered in our General Documentation.