yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document.
9.8CVSS
9.3AI Score
0.002EPSS
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet.
9.8CVSS
9.6AI Score
0.005EPSS