233 matches found
CVE-2023-3973 Cross-site Scripting (XSS) - Reflected in jgraph/drawio
Cross-site Scripting XSS - Reflected in GitHub repository jgraph/drawio prior to 21.6.3...
CVE-2023-3398
Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...
Denial of service
Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...
CVE-2023-3398
CVE-2023-3398 affects the JGraph Drawio project. Affected software: drawio (GitHub repository jgraph/drawio) prior to version 18.1.3. Root cause and impact: a Denial of Service leads to degraded/blocked service when handling large uploads, with the observed impact described as DoS and confirmed b...
CVE-2023-3398 Denial of Service in jgraph/drawio
Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...
CVE-2023-3398 Denial of Service in jgraph/drawio
Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...
CVE-2023-3398 Denial of Service in jgraph/drawio
Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...
PT-2023-24613 ยท Unknown ยท Jgraph/Drawio
Name of the Vulnerable Software and Affected Versions: jgraph/drawio versions prior to 18.1.3 Description: The issue is related to a Denial of Service in the GitHub repository jgraph/drawio. Recommendations: For versions prior to 18.1.3, update to version 18.1.3 or later to resolve the issue...
drawio ่ตๆบ็ฎก็้่ฏฏๆผๆด
JGraph drawio is a JavaScript client editor from JGraph. A resource management error vulnerability exists in versions of drawio prior to 18.1.3, which stems from an upload of a large file causing a system denial of service...
Desktop APP RCE via saveDraft IPC
๐๏ธ Requirements The user must load a malicious project. ๐ Description In version 20.3.3 commit 5383c20e947fd772668316e407edc5d5db4850db, the shell=true option is added to a spawn execution. This is really dangerous has it allows a malicious user to execute commands even from attributes. Example: j...
CVE-2023-3026
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...
CVE-2023-3026
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...
Cross site scripting
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...
CVE-2023-3026 Cross-site Scripting (XSS) - Stored in jgraph/drawio
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...
PT-2023-22610 ยท Jgraph ยท Jgraph/Drawio
Name of the Vulnerable Software and Affected Versions: jgraph/drawio versions prior to 21.2.8 Description: The issue is related to Cross-site Scripting XSS - Stored. This type of attack occurs when an application stores user input that contains malicious code, which is then executed by the...
CVE-2023-3026
The CVE-2023-3026 entry corresponds to a Stored Cross-Site Scripting (XSS) vulnerability in jgraph/drawio, affecting versions prior to 21.2.8. The issue is caused by improper handling of user input stored in the application, enabling XSS payloads to execute when loaded. Public documentation provi...
CVE-2023-3026 Cross-site Scripting (XSS) - Stored in jgraph/drawio
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...
CVE-2023-3026 Cross-site Scripting (XSS) - Stored in jgraph/drawio
Cross-site Scripting XSS - Stored in GitHub repository jgraph/drawio prior to 21.2.8...
CVE-2022-3873
Cross-site Scripting XSS - DOM in GitHub repository jgraph/drawio prior to 20.5.2...
UBUNTU-CVE-2022-3873
Cross-site Scripting XSS - DOM in GitHub repository jgraph/drawio prior to 20.5.2...