Lucene search
+L

131 matches found

Cvelist
Cvelist
added 2022/05/25 8:15 a.m.25 views

CVE-2022-1815 Exposure of Sensitive Information to an Unauthorized Actor in jgraph/drawio

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2...

5.3CVSS7.7AI score0.05704EPSS
Exploits1References2
NVD
NVD
added 2022/05/20 1:15 p.m.17 views

CVE-2022-1784

Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.8...

7.5CVSS0.01723EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/05/20 1:15 p.m.5 views

CVE-2022-1784

Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.8...

7.5CVSS7.1AI score0.01723EPSS
Exploits1References3
Prion
Prion
added 2022/05/20 1:15 p.m.16 views

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.8...

5CVSS7.6AI score0.01723EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/20 12:15 p.m.21 views

CVE-2022-1784 Server-Side Request Forgery (SSRF) in jgraph/drawio

Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.8...

7.5CVSS7.8AI score0.01723EPSS
Exploits1References2
OSV
OSV
added 2022/05/20 12:15 p.m.19 views

CVE-2022-1784 Server-Side Request Forgery (SSRF) in jgraph/drawio

Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.8...

7.5CVSS7.8AI score0.01723EPSS
Exploits1References4
NVD
NVD
added 2022/05/19 2:15 p.m.22 views

CVE-2022-1730

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...

6.3CVSS0.00592EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/05/19 2:15 p.m.5 views

CVE-2022-1730

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...

6.3CVSS5.8AI score0.00592EPSS
Exploits1References3
Prion
Prion
added 2022/05/19 2:15 p.m.18 views

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...

3.5CVSS4.6AI score0.00592EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/19 1:55 p.m.28 views

CVE-2022-1730 Cross-site Scripting (XSS) - Stored in jgraph/drawio

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...

6.3CVSS4.9AI score0.00592EPSS
Exploits1References2
CVE
CVE
added 2022/05/19 1:55 p.m.76 views

CVE-2022-1730

CVE-2022-1730 affects jgraph/drawio (prior to version 18.0.4). The stored XSS vulnerability arises from insufficient data validation/filtering of user-supplied data, allowing injected scripts to be stored and later executed in the client. Impact is client-side script execution (XSS) for affected ...

6.3CVSS4.8AI score0.00592EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/05/19 1:55 p.m.18 views

CVE-2022-1730 Cross-site Scripting (XSS) - Stored in jgraph/drawio

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...

6.3CVSS6AI score0.00592EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/05/19 12:0 a.m.2 views

PT-2022-14079 · Jgraph · Jgraph/Drawio

Name of the Vulnerable Software and Affected Versions: jgraph/drawio versions prior to 18.0.4 Description: The issue is related to Cross-site Scripting XSS - Stored. This means that an attacker can inject malicious scripts into a website, which are then stored on the server and executed by other...

6.3CVSS5AI score0.00592EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/05/18 8:40 p.m.16 views

CVE-2022-1774 Exposure of Sensitive Information to an Unauthorized Actor in jgraph/drawio

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7...

8.2CVSS6.5AI score0.01149EPSS
Exploits1References2
CVE
CVE
added 2022/05/18 8:40 p.m.80 views

CVE-2022-1774

CVE-2022-1774 affects the jgraph/drawio project prior to version 18.0.7. The provided connected sources consistently describe exposure of sensitive information to an unauthorized actor in the draw.io GitHub repository, with multiple entries corroborating the issue and noting the fixed version as ...

8.2CVSS6.6AI score0.01149EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/05/18 4:15 p.m.7 views

CVE-2022-1767

Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.7...

7.5CVSS7.1AI score0.01735EPSS
Exploits1References3
NVD
NVD
added 2022/05/18 4:15 p.m.25 views

CVE-2022-1767

Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.7...

7.5CVSS0.01735EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/05/18 3:45 p.m.31 views

CVE-2022-1767 Server-Side Request Forgery (SSRF) in jgraph/drawio

Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.7...

7.5CVSS7.8AI score0.01735EPSS
Exploits1References2
CVE
CVE
added 2022/05/18 3:45 p.m.81 views

CVE-2022-1767

The CVE-2022-1767 instance concerns a Server-Side Request Forgery (SSRF) in the GitHub repository jgraph/drawio, affecting versions prior to 18.0.7. Affected component: draw.io server-side handling could be tricked into issuing unintended requests. Impact reported in CVSS: CVSS3.1 base score 7.5 ...

7.5CVSS7.6AI score0.01735EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/05/18 3:45 p.m.22 views

CVE-2022-1767 Server-Side Request Forgery (SSRF) in jgraph/drawio

Server-Side Request Forgery SSRF in GitHub repository jgraph/drawio prior to 18.0.7...

7.5CVSS7.7AI score0.01735EPSS
Exploits1References4
Rows per page
Query Builder