Lucene search
K

54 matches found

CNNVD
CNNVD
added 2022/05/18 12:0 a.m.3 views

JGraph draw.io 输入验证错误漏洞

JGraph draw.io is a configurable chart/whiteboard visualization application for JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.7 that originates from exposing sensitive information to an unauthorized Actor...

8.2CVSS7.1AI score0.01125EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/18 12:0 a.m.2 views

JGraph draw.io 代码问题漏洞

JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.7 that stems from the presence of server-side request forgery SSRF...

7.5CVSS7.3AI score0.01698EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.3 views

JGraph draw.io 代码问题漏洞

JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.6, which stems from a server-side request forgery SSRF vulnerability in draw.io...

7.5CVSS7.3AI score0.05372EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.3 views

JGraph draw.io 代码问题漏洞

JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.6, which stems from a server-side request forgery SSRF vulnerability in draw.io...

7.5CVSS7.3AI score0.0164EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.3 views

JGraph draw.io 代码问题漏洞

JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io versions prior to 18.0.4. An attacker could exploit the vulnerability to make a request through the server and read its contents, which could lead to the...

7.5CVSS7.4AI score0.08667EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.2 views

JGraph draw.io 代码问题漏洞

JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io versions prior to 18.0.5 that stems from a server-side request forgery vulnerability in IPv6 link-local addresses...

7.5CVSS6.4AI score0.00514EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.2 views

JGraph draw.io 路径遍历漏洞

JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.5, which stems from a path traversal vulnerability in WellKnownServlet. An attacker could use this vulnerability to read local files of ...

7.5CVSS7.3AI score0.0215EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/05 12:0 a.m.3 views

JGraph draw.io 跨站脚本漏洞

JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A cross-site scripting vulnerability exists in JGraph draw.io prior to version 18.0.0, which stems from the application's lack of filtering and escaping of user input. An attacker can exploit this vulnerabili...

9.6CVSS8.4AI score0.02273EPSS
Exploits1References3
NVD
NVD
added 2019/07/01 3:15 p.m.12 views

CVE-2019-13127

An issue was discovered in mxGraph through 4.0.0, related to the "draw.io Diagrams" plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field leads to XSS. This is associated with javascript/examples/grapheditor/www/js/Dialogs.js...

6.1CVSS6.2AI score0.01503EPSS
Exploits1References3
OSV
OSV
added 2019/07/01 3:15 p.m.13 views

CVE-2019-13127

An issue was discovered in mxGraph through 4.0.0, related to the "draw.io Diagrams" plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field leads to XSS. This is associated with javascript/examples/grapheditor/www/js/Dialogs.js...

6.1CVSS6.7AI score
Exploits0References3
Prion
Prion
added 2019/07/01 3:15 p.m.17 views

Input validation

An issue was discovered in mxGraph through 4.0.0, related to the "draw.io Diagrams" plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field leads to XSS. This is associated with javascript/examples/grapheditor/www/js/Dialogs.js...

4.3CVSS6.2AI score0.01503EPSS
Exploits1References3Affected Software2
ATTACKERKB
ATTACKERKB
added 2019/07/01 3:15 p.m.1 views

CVE-2019-13127

An issue was discovered in mxGraph through 4.0.0, related to the "draw.io Diagrams" plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field leads to XSS. This is associated with javascript/examples/grapheditor/www/js/Dialogs.js...

6.1CVSS5.5AI score0.01503EPSS
Exploits1References4
Cvelist
Cvelist
added 2019/07/01 2:33 p.m.24 views

CVE-2019-13127

An issue was discovered in mxGraph through 4.0.0, related to the "draw.io Diagrams" plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field leads to XSS. This is associated with javascript/examples/grapheditor/www/js/Dialogs.js...

6.2AI score0.01503EPSS
Exploits1References3
CVE
CVE
added 2019/07/01 2:33 p.m.73 views

CVE-2019-13127

mxGraph (up to version 4.0.0) and the draw.io Diagrams plugin for Confluence are vulnerable to cross-site scripting due to improper validation/sanitization of a color field in javascript/examples/grapheditor/www/js/Dialogs.js. Multiple sources (NVD, OSV, GHSA, CNVD, etc.) describe an XSS conditio...

6.1CVSS6.1AI score0.01503EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder