CVE-2025-4700

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under specific circumstances, could have potentially allowed a successful attacker to trigger unintended content rendering leading to XSS...

JGraph draw.io 路径遍历漏洞

JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.5, which stems from a path traversal vulnerability in WellKnownServlet. An attacker could use this vulnerability to read local files of ...