54 matches found
JGraph draw.io Input Validation Error Vulnerability
JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.7 that originates from exposing sensitive information to an unauthorized actor...
JGraph draw.io Code Issue Vulnerability
JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.7 that stems from the presence of server-side request forgery (SSRF)...
JGraph draw.io Code Issue Vulnerability
JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.6, which stems from a server-side request forgery (SSRF) vulnerability in draw.io...
JGraph draw.io Code Issue Vulnerability
JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.6, which stems from a server-side request forgery (SSRF) vulnerability in draw.io...
JGraph draw.io Code Issue Vulnerability
JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io versions prior to 18.0.4. An attacker could exploit the vulnerability to make a request through the server and read its contents, which could lead to the...
JGraph draw.io Code Issue Vulnerability
JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io versions prior to 18.0.5 that stems from a server-side request forgery vulnerability in IPv6 link-local addresses...
JGraph draw.io Path Traversal Vulnerability
JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.5, which stems from a path traversal vulnerability in WellKnownServlet. An attacker could use this vulnerability to read local files of ...
JGraph draw.io Cross-Site Scripting Vulnerability
JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A cross-site scripting vulnerability exists in JGraph draw.io prior to version 18.0.0, which stems from the application's lack of filtering and escaping of user input. An attacker can exploit this vulnerabili...
CVE-2019-13127
An issue was discovered in mxGraph through 4.0.0, related to the "draw.io Diagrams" plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field leads to XSS. This is associated with javascript/examples/grapheditor/www/js/Dialogs.js...
Input validation
An issue was discovered in mxGraph through 4.0.0, related to the "draw.io Diagrams" plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field leads to XSS. This is associated with javascript/examples/grapheditor/www/js/Dialogs.js...
CVE-2019-13127
mxGraph (up to version 4.0.0) and the draw.io Diagrams plugin for Confluence are vulnerable to cross-site scripting due to improper validation/sanitization of a color field in javascript/examples/grapheditor/www/js/Dialogs.js. Multiple sources (NVD, OSV, GHSA, CNVD, etc.) describe an XSS conditio...