2 matches found
CVE-2022-1730 Cross-site Scripting (XSS) - Stored in jgraph/drawio
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 18.0.4...
CVE-2022-1730
CVE-2022-1730 affects jgraph/drawio (prior to version 18.0.4). The stored XSS vulnerability arises from insufficient data validation/filtering of user-supplied data, allowing injected scripts to be stored and later executed in the client. Impact is client-side script execution (XSS) for affected ...