39 matches found
EUVD-2022-7112
Malicious code in bioql PyPI...
EUVD-2022-5818
Malicious code in bioql PyPI...
EUVD-2022-5647
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-18197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert is missing flags to prevent XML External Entity XXE attacks, as...
CVE-2022-40440
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
SUSE CVE-2017-18197
In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert is missing flags to prevent XML External Entity XXE attacks, as demonstrated by /ServerView...
mxGraph vulnerable to cross-site scripting in setTooltips function
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
-wlq-mxgrapheditor (=0.0.0), @amccarthy/mxgraphng (=0.1.1) +81 more potentially affected by CVE-2022-40440 via mxgraph (>=3.9.12 <=4.2.2)
mxgraph NPM version =3.9.12, =0.0.2, =0.1.0, =1.0.0, =0.0.1, =0.0.1, =0.0.1-ba-beta.2, =0.0.1, =0.0.16, =0.0.1, =0.0.3 and more Source cves: CVE-2022-40440 Source advisory: OSV:GHSA-J4RV-PR9G-Q8JV...
GHSA-J4RV-PR9G-Q8JV mxGraph vulnerable to cross-site scripting in setTooltips function
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
CVE-2022-40440
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
CVE-2022-40440
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
CVE-2022-40440
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
Cross site scripting
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
CVE-2022-40440
mxGraph v4.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the setTooltips function...
mxGraph 跨站脚本漏洞
mxGraph is a JavaScript charting library. A security vulnerability exists in mxGraph version v4.2.2, which stems from the discovery of a cross-site scripting XSS vulnerability contained via the setTooltips function...
CVE-2022-40440
mxGraph version 4.2.2 contains a cross-site scripting (XSS) vulnerability in the setTooltips() function. The provided connected records confirm the flaw but do not include concrete exploit details or official patches within the documents. A PT-2022-25387 entry recommends disabling the setTooltips...
PT-2022-25387 · Mxgraph · Mxgraph
Name of the Vulnerable Software and Affected Versions: mxGraph version 4.2.2 Description: The issue is related to a cross-site scripting XSS vulnerability. It occurs via the setTooltips function, which is susceptible to XSS attacks. Recommendations: For mxGraph version 4.2.2, consider disabling t...
mxGraph vulnerable to cross-site scripting in color field
mxGraph through 4.0.0, related to the draw.io Diagrams plugin before 8.3.14 for Confluence and other products, is vulnerable to cross-site scripting. draw.io Diagrams allows the creation and editing of draw.io-based diagrams in Confluence. Among other things, it allows to set the background color...
GHSA-XM59-JVXM-CP3V mxGraph vulnerable to cross-site scripting in color field
mxGraph through 4.0.0, related to the draw.io Diagrams plugin before 8.3.14 for Confluence and other products, is vulnerable to cross-site scripting. draw.io Diagrams allows the creation and editing of draw.io-based diagrams in Confluence. Among other things, it allows to set the background color...
mxGraph vulnerable to XXE attacks
In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert is missing flags to prevent XML External Entity XXE attacks, as demonstrated by /ServerView...