2 matches found
CVE-2025-54880 Mermaid does not properly sanitize architecture diagram iconText leading to XSS
Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 11.9.0 and earlier, user supplied input for architecture diagram icons is passed to the d3 html...
Directus 授权问题漏洞
Directus is a real-time Api and application dashboard open-sourced by Directus. It is used to manage Sql database content. An authorization issue vulnerability exists in Directus versions prior to 9.12.0 to 11.9.0 that stems from a manual trigger process that does not validate permissions, which...