2 matches found
CVE-2022-2014 Code Injection in jgraph/drawio
Code Injection in GitHub repository jgraph/drawio prior to 19.0.2...
CVE-2022-2014
CVE-2022-2014 affects the jgraph/drawio project prior to 19.0.2. The connected sources describe a vulnerability in how diagram data is deserialized, enabling code injection via diagram content (notably unsafe deserialization of diagram elements and attributes), which can lead to client-side remot...