131 matches found
CVE-2022-1815 Exposure of Sensitive Information to an Unauthorized Actor in jgraph/drawio
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2...
CVE-2022-1784
Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.8...
CVE-2022-1784
Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.8...
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.8...
CVE-2022-1784 Server-Side Request Forgery (SSRF) in jgraph/drawio
Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.8...
CVE-2022-1784 Server-Side Request Forgery (SSRF) in jgraph/drawio
Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.8...
CVE-2022-1730
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...
CVE-2022-1730
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...
Cross site scripting
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...
CVE-2022-1730 Cross-site Scripting (XSS) - Stored in jgraph/drawio
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...
CVE-2022-1730
CVE-2022-1730 affects jgraph/drawio (prior to version 18.0.4). The stored XSS vulnerability arises from insufficient data validation/filtering of user-supplied data, allowing injected scripts to be stored and later executed in the client. Impact is client-side script execution (XSS) for affected ...
CVE-2022-1730 Cross-site Scripting (XSS) - Stored in jgraph/drawio
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...
PT-2022-14079 · Jgraph · Jgraph/Drawio
Name of the Vulnerable Software and Affected Versions: jgraph/drawio versions prior to 18.0.4 Description: The issue is related to Cross-site Scripting XSS - Stored. This means that an attacker can inject malicious scripts into a website, which are then stored on the server and executed by other...
CVE-2022-1774 Exposure of Sensitive Information to an Unauthorized Actor in jgraph/drawio
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7...
CVE-2022-1774
CVE-2022-1774 affects the jgraph/drawio project prior to version 18.0.7. The provided connected sources consistently describe exposure of sensitive information to an unauthorized actor in the draw.io GitHub repository, with multiple entries corroborating the issue and noting the fixed version as ...
CVE-2022-1767
Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.7...
CVE-2022-1767
Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.7...
CVE-2022-1767 Server-Side Request Forgery (SSRF) in jgraph/drawio
Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.7...
CVE-2022-1767
The CVE-2022-1767 instance concerns a Server-Side Request Forgery (SSRF) in the GitHub repository jgraph/drawio, affecting versions prior to 18.0.7. Affected component: draw.io server-side handling could be tricked into issuing unintended requests. Impact reported in CVSS: CVSS3.1 base score 7.5 ...
CVE-2022-1767 Server-Side Request Forgery (SSRF) in jgraph/drawio
Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.7...