202 matches found
CVE-2022-3873
Cross-site Scripting XSS - DOM in GitHub repository jgraph/drawio prior to 20.5.2...
UBUNTU-CVE-2022-3873
Cross-site Scripting XSS - DOM in GitHub repository jgraph/drawio prior to 20.5.2...
CVE-2022-3873
CVE-2022-3873 describes a DOM-based Cross-site Scripting (XSS) vulnerability in the Draw.io project (jgraph/drawio) affecting versions prior to 20.5.2. The available connected documents consistently identify the issue as a DOM XSS without detailing vendor-specific product configurations beyond th...
JGraph draw.io 跨站脚本漏洞
JGraph draw.io is a configurable chart/whiteboard visualization application for JGraph. A security vulnerability exists in JGraph draw.io versions prior to 20.5.2. An attacker could exploit this vulnerability to perform cross-site scripting attacks...
CVE-2022-3873 Cross-site Scripting (XSS) - DOM in jgraph/drawio
Cross-site Scripting XSS - DOM in GitHub repository jgraph/drawio prior to 20.5.2...
CVE-2022-3873 Cross-site Scripting (XSS) - DOM in jgraph/drawio
Cross-site Scripting XSS - DOM in GitHub repository jgraph/drawio prior to 20.5.2...
CVE-2022-3223
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 20.3.1...
CVE-2022-3223
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 20.3.1...
CVE-2022-3223
Summary: CVE-2022-3223 is a stored XSS vulnerability in the JGraph Draw.io project (GitHub) affecting versions prior to 20.3.1. The issue arises from unsafe handling in the diagram/mathematical typesetting feature, enabling attackers to inject scripts via crafted content (notably through inline M...
CVE-2022-3223 Cross-site Scripting (XSS) - Stored in jgraph/drawio
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 20.3.1...
CVE-2022-3223 Cross-site Scripting (XSS) - Stored in jgraph/drawio
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 20.3.1...
JGraph draw.io 跨站脚本漏洞
JGraph draw.io is a configurable chart/whiteboard visualization application for JGraph. A cross-site scripting vulnerability exists in JGraph draw.io versions prior to 20.3.1. An attacker could exploit this vulnerability to perform cross-site scripting attacks...
CVE-2022-3133
OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0...
CVE-2022-3133 OS Command Injection in jgraph/drawio
OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0...
CVE-2022-3133
CVE-2022-3133 affects the jgraph/drawio project prior to 20.3.0. The issue is an OS command injection caused by improper neutralization of input data in command construction. The vulnerability is labeled as high risk (CVSS base score 7.8/NVD; 7.0 in some metrics) with a local attack vector and us...
JGraph draw.io 操作系统命令注入漏洞
JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. An operating system command injection vulnerability exists in JGraph draw.io versions prior to 20.3.0, which arises from a networked system or product that does not properly filter special characters, command...
CVE-2022-3148
Cross-site Scripting XSS - Generic in GitHub repository jgraph/drawio prior to 20.3.0...
CVE-2022-3148
Cross-site Scripting XSS - Generic in GitHub repository jgraph/drawio prior to 20.3.0...
CVE-2022-3138
Cross-site Scripting XSS - Generic in GitHub repository jgraph/drawio prior to 20.3.0...
Cross site scripting
Cross-site Scripting XSS - Generic in GitHub repository jgraph/drawio prior to 20.3.0...