Lucene search
+L

233 matches found

OSV
OSV
โ€ขadded 2023/07/27 2:33 p.m.โ€ข22 views

CVE-2023-3973 Cross-site Scripting (XSS) - Reflected in jgraph/drawio

Cross-site Scripting XSS - Reflected in GitHub repository jgraph/drawio prior to 21.6.3...

9.6CVSS8.4AI score0.00346EPSS
Exploits0References4
NVD
NVD
โ€ขadded 2023/06/26 11:15 a.m.โ€ข27 views

CVE-2023-3398

Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...

7.5CVSS6AI score0.00969EPSS
Exploits1References2
Prion
Prion
โ€ขadded 2023/06/26 11:15 a.m.โ€ข23 views

Denial of service

Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...

5CVSS7.5AI score0.00969EPSS
Exploits1References2Affected Software1
CVE
CVE
โ€ขadded 2023/06/26 10:5 a.m.โ€ข141 views

CVE-2023-3398

CVE-2023-3398 affects the JGraph Drawio project. Affected software: drawio (GitHub repository jgraph/drawio) prior to version 18.1.3. Root cause and impact: a Denial of Service leads to degraded/blocked service when handling large uploads, with the observed impact described as DoS and confirmed b...

7.5CVSS6AI score0.00969EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
โ€ขadded 2023/06/26 10:5 a.m.โ€ข28 views

CVE-2023-3398 Denial of Service in jgraph/drawio

Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...

5.3CVSS7.7AI score0.00969EPSS
Exploits1References2
Vulnrichment
Vulnrichment
โ€ขadded 2023/06/26 10:5 a.m.โ€ข19 views

CVE-2023-3398 Denial of Service in jgraph/drawio

Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...

5.3CVSS6.8AI score0.00969EPSS
Exploits1References2
OSV
OSV
โ€ขadded 2023/06/26 10:5 a.m.โ€ข21 views

CVE-2023-3398 Denial of Service in jgraph/drawio

Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...

5.3CVSS5.7AI score0.00969EPSS
Exploits1References4
Positive Technologies
Positive Technologies
โ€ขadded 2023/06/26 12:0 a.m.โ€ข5 views

PT-2023-24613 ยท Unknown ยท Jgraph/Drawio

Name of the Vulnerable Software and Affected Versions: jgraph/drawio versions prior to 18.1.3 Description: The issue is related to a Denial of Service in the GitHub repository jgraph/drawio. Recommendations: For versions prior to 18.1.3, update to version 18.1.3 or later to resolve the issue...

7.5CVSS5.4AI score0.00969EPSS
Exploits1References5
CNNVD
CNNVD
โ€ขadded 2023/06/26 12:0 a.m.โ€ข8 views

drawio ่ต„ๆบ็ฎก็†้”™่ฏฏๆผๆดž

JGraph drawio is a JavaScript client editor from JGraph. A resource management error vulnerability exists in versions of drawio prior to 18.1.3, which stems from an upload of a large file causing a system denial of service...

7.5CVSS6.1AI score0.00969EPSS
Exploits1References3
Huntr
Huntr
โ€ขadded 2023/06/12 8:34 p.m.โ€ข33 views

Desktop APP RCE via saveDraft IPC

๐Ÿ”’๏ธ Requirements The user must load a malicious project. ๐Ÿ“ Description In version 20.3.3 commit 5383c20e947fd772668316e407edc5d5db4850db, the shell=true option is added to a spawn execution. This is really dangerous has it allows a malicious user to execute commands even from attributes. Example: j...

7.5CVSS7.1AI score0.01069EPSS
Exploits0
NVD
NVD
โ€ขadded 2023/06/01 1:15 a.m.โ€ข27 views

CVE-2023-3026

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...

6.5CVSS6.1AI score0.00534EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
โ€ขadded 2023/06/01 1:15 a.m.โ€ข4 views

CVE-2023-3026

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...

6.5CVSS6.5AI score0.00534EPSS
Exploits0References3
Prion
Prion
โ€ขadded 2023/06/01 1:15 a.m.โ€ข15 views

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...

6.4CVSS6AI score0.00534EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
โ€ขadded 2023/06/01 12:0 a.m.โ€ข8 views

CVE-2023-3026 Cross-site Scripting (XSS) - Stored in jgraph/drawio

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...

6.5CVSS6AI score0.00534EPSS
Exploits0References2
Positive Technologies
Positive Technologies
โ€ขadded 2023/06/01 12:0 a.m.โ€ข8 views

PT-2023-22610 ยท Jgraph ยท Jgraph/Drawio

Name of the Vulnerable Software and Affected Versions: jgraph/drawio versions prior to 21.2.8 Description: The issue is related to Cross-site Scripting XSS - Stored. This type of attack occurs when an application stores user input that contains malicious code, which is then executed by the...

6.5CVSS6.3AI score0.00534EPSS
Exploits0References6
CVE
CVE
โ€ขadded 2023/06/01 12:0 a.m.โ€ข128 views

CVE-2023-3026

The CVE-2023-3026 entry corresponds to a Stored Cross-Site Scripting (XSS) vulnerability in jgraph/drawio, affecting versions prior to 21.2.8. The issue is caused by improper handling of user input stored in the application, enabling XSS payloads to execute when loaded. Public documentation provi...

6.5CVSS6AI score0.00534EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
โ€ขadded 2023/06/01 12:0 a.m.โ€ข39 views

CVE-2023-3026 Cross-site Scripting (XSS) - Stored in jgraph/drawio

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...

6.5CVSS6.2AI score0.00534EPSS
Exploits0References2
OSV
OSV
โ€ขadded 2023/06/01 12:0 a.m.โ€ข25 views

CVE-2023-3026 Cross-site Scripting (XSS) - Stored in jgraph/drawio

Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...

6.5CVSS6.7AI score0.00534EPSS
Exploits0References5
NVD
NVD
โ€ขadded 2022/11/07 11:15 a.m.โ€ข22 views

CVE-2022-3873

Cross-site Scripting XSS - DOM in GitHub repository jgraph/drawio prior to 20.5.2...

6.5CVSS0.00624EPSS
Exploits1References2
OSV
OSV
โ€ขadded 2022/11/07 11:15 a.m.โ€ข37 views

UBUNTU-CVE-2022-3873

Cross-site Scripting XSS - DOM in GitHub repository jgraph/drawio prior to 20.5.2...

6.5CVSS6.5AI score0.00624EPSS
Exploits1References4
Rows per page
Query Builder