39 matches found
EUVD-2022-5647
Malicious code in bioql PyPI...
EUVD-2022-7112
Malicious code in bioql PyPI...
EUVD-2022-5818
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-18197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert is missing flags to prevent XML External Entity XXE attacks, as...
CVE-2022-40440
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
SUSE CVE-2017-18197
In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert is missing flags to prevent XML External Entity XXE attacks, as demonstrated by /ServerView...
-wlq-mxgrapheditor (=0.0.0), @amccarthy/mxgraphng (=0.1.1) +80 more potentially affected by CVE-2022-40440 via mxgraph (>=3.9.12 <=4.2.2)
mxgraph NPM version =3.9.12, =0.0.2, =0.1.0, =1.0.0, =0.0.1, =0.0.1, =0.0.1-ba-beta.2, =0.0.1, =0.0.16, =0.0.1, =0.0.3 and more Source cves: CVE-2022-40440 Source advisory: OSV:GHSA-J4RV-PR9G-Q8JV...
GHSA-J4RV-PR9G-Q8JV mxGraph vulnerable to cross-site scripting in setTooltips function
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
mxGraph vulnerable to cross-site scripting in setTooltips function
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
CVE-2022-40440
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
CVE-2022-40440
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
CVE-2022-40440
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
Cross site scripting
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
CVE-2022-40440
mxGraph version 4.2.2 contains a cross-site scripting (XSS) vulnerability in the setTooltips() function. The provided connected records confirm the flaw but do not include concrete exploit details or official patches within the documents. A PT-2022-25387 entry recommends disabling the setTooltips...
mxGraph 跨站脚本漏洞
mxGraph is a JavaScript charting library. A security vulnerability exists in mxGraph version v4.2.2, which stems from the discovery of a cross-site scripting XSS vulnerability contained via the setTooltips function...
PT-2022-25387 · Mxgraph · Mxgraph
Name of the Vulnerable Software and Affected Versions: mxGraph version 4.2.2 Description: The issue is related to a cross-site scripting XSS vulnerability. It occurs via the setTooltips function, which is susceptible to XSS attacks. Recommendations: For mxGraph version 4.2.2, consider disabling t...
CVE-2022-40440
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
GHSA-XM59-JVXM-CP3V mxGraph vulnerable to cross-site scripting in color field
mxGraph through 4.0.0, related to the draw.io Diagrams plugin before 8.3.14 for Confluence and other products, is vulnerable to cross-site scripting. draw.io Diagrams allows the creation and editing of draw.io-based diagrams in Confluence. Among other things, it allows to set the background color...
mxGraph vulnerable to cross-site scripting in color field
mxGraph through 4.0.0, related to the draw.io Diagrams plugin before 8.3.14 for Confluence and other products, is vulnerable to cross-site scripting. draw.io Diagrams allows the creation and editing of draw.io-based diagrams in Confluence. Among other things, it allows to set the background color...
GHSA-WVPV-8524-WG6X mxGraph vulnerable to XXE attacks
In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert is missing flags to prevent XML External Entity XXE attacks, as demonstrated by /ServerView...